Varying Degrees of Password Security



Last week we talked about creating strong passwords, but should we use different passwords for every site? It’s best practice to do just that. Do they all have to be really hard passwords? Again ideally, yes. So, how can we keep up password spreadsheet? Big sheet of paper? Password management program. Some advantages of password management programs are that many are equipped with encryption. In other words one password locks the whole list away. The bad news is if you lose or forget that password you are locked out of everything. Lists are generally bad because with access to your pc, your list is easy to get at.


I kind of like the “sheet of paper” approach. The only bad thing about that is that anyone sitting at your desk and finding your sheet can copy parts of it and then you’ve been compromised. The bottom line with this is if you do decide to manage passwords through a file on the computer or a piece of paper, treat it like you would the keys to a safety deposit box. Keep it VERY safe.

I take a bit of a different strategy. I have several (maybe 10 or so) frequently used passwords. Some of these passwords are throwaways, they protect meaningless stuff. Think about the cheap, useless locks you have on various things. CD cases, cheap briefcases, diaries. Now think about the serious deadbolt locks, usually in the real world, the bigger the lock, the more important or valuable item it’s protecting. So, mailinglist signups, low importance forums without https logins, anything that I either 1) don’t trust the site owner, 2) it’s a plain text login (no encryption, i.e. no https) and 3) it’s a “cheap win” if someone gains access. For instance, if the WORST thing someone can do is unsubscribe me from a mailing list, that’s not a big loss. The same goes for forum logins, the only benefit to gaining access would be to pose as me and post. Embarrassing, perhaps, but not usually this is not exactly worth wasting a really good password on.

So, I have 2-4 very weak passwords that I use for these.

Next up is the medium strength passwords, for those I use most of the day to day work that’s protecting moderately useful and slightly more valuable locations. I need to see https on a site to use these unless I trust the network between me and the site (and trust the site as well.) Again, I have about 4 of these…

The hard passwords I save for the most important things. These I have maybe 4 of as well. These are for the items that I would be most at a loss if it were compromised. Of course, one of the tricks if you knew me and IF you were able to find out what passwords I use and IF you were able to discern which I capitalized and which I mix case in…. you would still have to go through at least 12 combinations for each login. That would happen really quick with cracking software, but…

Anyway, that’s how I manage to keep at least some sanity when it comes to dealing with remembering passwords for all the various things I do online.

Related Posts

Blog Traffic Exchange Related Posts
  • Ranking for a Search Phrase in Google I guess by now you've noticed that I'm not keeping up with the 1 post a week rate that I had for a while there. I've been thinking that at this point I'm going to be getting in one a month or so. More if the mood strikes, but from......
  • Google cache revealing critical personal infromation A while back I did an article on using Google search in some slightly more advanced ways, as well as a link to a site of specific Google searches. I've come across something in the Handlers diary at Incidents.org that is worth knowing about. The entry in question details that......
  • So many things so little time.... I feel like I've done this article so many times in the past.... there are so many things I'm hoping to post and time seems to evaporate before my very eyes. This afternoon I hope to be posting a few things that have been on that list. I also have......
Blog Traffic Exchange Related Websites
  • 3 Tips for Securing and Remembering Your Passwords I recently had a few friends that had their email accounts hacked. I provided them with a few tips for creating unique, easy-to-remember, and secure passwords. Afterwards, I thought it would be a good idea to share those tips with the rest of you. Use an Easy to Remember......
  • Is Wordpress or Blogger Right For Corporate Blogs There is a lot of controversy over which blogging platform is ideal for corporate blogs. With so many schools of thought on the matter, it can be difficult to figure out which one you should be using. We have two main favorites, Blogger and Wordpress, and both are very well......
  • Acquiring Targeted Backlinks Regularly It doesn't really matter what niche you're targeting with your website, if you want to make it successful, you will have to get it in front of your target audience. In other words, driving targeted traffic to your site should be your number one priority; and what better way to......
en.pdf24.org    Send article as PDF   

Similar Posts


See what happened this day in history from either BBC Wikipedia
Search:
Keywords:
Amazon Logo

Comments are closed.


Switch to our mobile site