Monday, January 19, 2009

Write your passwords down

Hi folks,

For most of the last 20 years or so that I've been paying attention to computer security, the mantra has been "Don't write your passwords down .... someone might steal your postit note... make a password you can remember."

Now, this is a Good Idea, _except_ that it encourages most people to have just one password... Or maybe two, if you have a really strong memory. And, unlike twenty years ago, where you maybe only had an email password, and a network login password at the office, there are now a zillion places to log into. As well as your email and the office, there's all the web 2.0 (or as I like to put it, the web 2.uh-oh) stuff ... your bank, youtube, myspace, facebook, amazon, ebay and twitter to mention but a few. Guess what ... if they're all using the same password, and _one_ of them gets hacked or phished, you lose you password to everywhere. If that includes your bank or paypal password, that's about the key to the kingdom, and you might not even know until real money starts disappearing.

Instead of using just one or two password, have many, and _write them down_.... either in your wallet or in a database. If you lose your wallet, at least you'll know to reset your passwords, as well cancel your credit cards.

Remember, there's now a whole industry comprised of people whose job it is to compromise your security. They go hungry if they don't, so they are highly motivated to be successful. Be careful on the Internet.

Cheers folks,

Roger

No comments: