Password Insecurities

  • Comments posted to this topic are about the item Password Insecurities

  • When you have one or two passwords you can remember them. I have probably over 200 passwords so I write them down.

    I actually keep them in an encrypted container, and use a 12-character random password for each site I am registered on, but passwords are still a pain.

    Biometric data will just shift the pain, but will not eliminate it. We are still a long way off from having reliable biometric recognition, and when we do we will be no closer to being able to use it reliably. There will always be ways to fool the system, either by providing false credentials or by falsely changing the credential store.

    I think we need to work towards a general acceptance that security cannot be absolute. Sites should look at what data they are recording that requires customers to be registered, and stop recording it. This may mean that one route to gain marketing intelligence would be closed, but other routes would open up.

    The benefit of not needing to register to buy a train ticket or a SD card for my PC would mean the number of passwords I need could become small enough so that I can remember them.

    Original author: https://github.com/SQL-FineBuild/Common/wiki/ 1-click install and best practice configuration of SQL Server 2019, 2017, 2016, 2014, 2012, 2008 R2, 2008 and 2005.

    When I give food to the poor they call me a saint. When I ask why they are poor they call me a communist - Archbishop Hélder Câmara

  • At the same time we are being warned against common passwords across multiple accounts, sites (including, ironically, Gawker (Gizmodo), who published some of that information) are forcing users to access the sites through amalgamated sign-ons, like Facebook, Disqus, Google, which completely violate that principle.

    The single identities add another risk because they share a common account ID across multiple sites; seemingly unrelated postings in different contexts could be used to gather a significant amount of 'leaked' personal information even without hacking their identity.

    ...

    -- FORTRAN manual for Xerox Computers --

  • This is exactly why I love KeePass 2.20. Not only does it generate 20-character secure passwords for you like zFLLsXUu3Cxjn2wy6Pys, it also stores them in a central, safe and encrypted place where you won't forget what they are either. One of the most important free pieces of software you can have in your toolbox, bar none. 😀

    "Technology is a weird thing. It brings you great gifts with one hand, and it stabs you in the back with the other. ...:-D"

  • We're moving from a minimum of 7 (which can be broken in under a day) to a minimum of somewhere between 12 and 15. Also we are adding an optional fingerprint scanner.
