Archives
December 2006
12/8/06
12/5/06
12/5/06
UN weighs in on passwords
Tuesday, December 5, 2006
1:15:00 PM EST
It has been a very long time since I've posted anything but here I go again. Just like the earlier posts, any new posts will be completely and entirely focused on whatever strikes my interest at the moment. :) Now on to the thought of the moment...
Over the last few days, I've seen several articles and posts such as this one about password security. Someone realized people use the same password across many web sites (gasp!). I hope this isn't really news to anyone:
"The number of passwords and logins web users need makes it inevitable they will re-use phrases, warned the International Telecommunications Union."
How much do those people make? Two easy solutions come to mind, one mentioned in the article and one is my very own invention (I think...don't we all hear things and then later recall it believing it is an original thought?).
Solution 1: Develop your own system for generating passwords by combining your password with the name of the web site. Here is what I mean...take your standard web password, insert the first and last letters of the web site you are viewing and insert them as the second and fourth letters or your password. Viola! You have a new unguessable password.
Need an example? Let's say your standard password is "alan" and I am registering for journals.aol.com. My password for becomes "ajlsan". I used the "j" and "s" from journals. Try cracking that!
OK, maybe you can. But if I started with something other than my name such as str8tobed, it would be pretty hard.
Solution 2: Use Roboform. I did a pretty comprehensive evaluation of password and identity managers earlier this year. Roboform is the best by far. There are a number of password managers that have the same features but Roboform is the most convenient by far and we all know . It can auto-generate random passwords and then remember them for you for each web site. It can make it easy to fill out forms when you shop or register for a site. It remembers your multiple identities (you have real and fake personas, right?). It is one of a very small number of products where I have paid for the full version.
Written by alank Blog about this entry |
Add to del.icio.us | 
digg this
1:15:00 PM EST
UN weighs in on passwords
Over the last few days, I've seen several articles and posts such as this one about password security. Someone realized people use the same password across many web sites (gasp!). I hope this isn't really news to anyone:
"The number of passwords and logins web users need makes it inevitable they will re-use phrases, warned the International Telecommunications Union."
How much do those people make? Two easy solutions come to mind, one mentioned in the article and one is my very own invention (I think...don't we all hear things and then later recall it believing it is an original thought?).
Solution 1: Develop your own system for generating passwords by combining your password with the name of the web site. Here is what I mean...take your standard web password, insert the first and last letters of the web site you are viewing and insert them as the second and fourth letters or your password. Viola! You have a new unguessable password.
Need an example? Let's say your standard password is "alan" and I am registering for journals.aol.com. My password for becomes "ajlsan". I used the "j" and "s" from journals. Try cracking that!
OK, maybe you can. But if I started with something other than my name such as str8tobed, it would be pretty hard.
Solution 2: Use Roboform. I did a pretty comprehensive evaluation of password and identity managers earlier this year. Roboform is the best by far. There are a number of password managers that have the same features but Roboform is the most convenient by far and we all know . It can auto-generate random passwords and then remember them for you for each web site. It can make it easy to fill out forms when you shop or register for a site. It remembers your multiple identities (you have real and fake personas, right?). It is one of a very small number of products where I have paid for the full version.
Written by alank Blog about this entry |
Add to del.icio.us | digg this
