Varying Degrees of Password Security



Last week we talked about creating strong passwords, but should we use different passwords for every site? It’s best practice to do just that. Do they all have to be really hard passwords? Again ideally, yes. So, how can we keep up password spreadsheet? Big sheet of paper? Password management program. Some advantages of password management programs are that many are equipped with encryption. In other words one password locks the whole list away. The bad news is if you lose or forget that password you are locked out of everything. Lists are generally bad because with access to your pc, your list is easy to get at.


I kind of like the “sheet of paper” approach. The only bad thing about that is that anyone sitting at your desk and finding your sheet can copy parts of it and then you’ve been compromised. The bottom line with this is if you do decide to manage passwords through a file on the computer or a piece of paper, treat it like you would the keys to a safety deposit box. Keep it VERY safe.

I take a bit of a different strategy. I have several (maybe 10 or so) frequently used passwords. Some of these passwords are throwaways, they protect meaningless stuff. Think about the cheap, useless locks you have on various things. CD cases, cheap briefcases, diaries. Now think about the serious deadbolt locks, usually in the real world, the bigger the lock, the more important or valuable item it’s protecting. So, mailinglist signups, low importance forums without https logins, anything that I either 1) don’t trust the site owner, 2) it’s a plain text login (no encryption, i.e. no https) and 3) it’s a “cheap win” if someone gains access. For instance, if the WORST thing someone can do is unsubscribe me from a mailing list, that’s not a big loss. The same goes for forum logins, the only benefit to gaining access would be to pose as me and post. Embarrassing, perhaps, but not usually this is not exactly worth wasting a really good password on.

So, I have 2-4 very weak passwords that I use for these.

Next up is the medium strength passwords, for those I use most of the day to day work that’s protecting moderately useful and slightly more valuable locations. I need to see https on a site to use these unless I trust the network between me and the site (and trust the site as well.) Again, I have about 4 of these…

The hard passwords I save for the most important things. These I have maybe 4 of as well. These are for the items that I would be most at a loss if it were compromised. Of course, one of the tricks if you knew me and IF you were able to find out what passwords I use and IF you were able to discern which I capitalized and which I mix case in…. you would still have to go through at least 12 combinations for each login. That would happen really quick with cracking software, but…

Anyway, that’s how I manage to keep at least some sanity when it comes to dealing with remembering passwords for all the various things I do online.

Related Posts

Blog Traffic Exchange Related Posts
  • Another wolf in sheeps clothing I did an article a while back on "wolves in sheeps clothing" software that poses as security software but will usually turn around and bite you. Sunbeltblog has a post on another fake security center site. Keep an eye peeled for these, information is power in protecting yourself against this......
  • Windows lost administrator password rundown.... I've done one or two mentions in the past of ways to recover/reset lost windows passwords and thought it was probably time for another "brain dump/web research dump" of things that I've run across. This is not just for lost administrator passwords, but could apply to a lost user account......
  • Ranking for a Search Phrase in Google I guess by now you've noticed that I'm not keeping up with the 1 post a week rate that I had for a while there. I've been thinking that at this point I'm going to be getting in one a month or so. More if the mood strikes, but from......
Blog Traffic Exchange Related Websites
  • Acquiring Targeted Backlinks Regularly It doesn't really matter what niche you're targeting with your website, if you want to make it successful, you will have to get it in front of your target audience. In other words, driving targeted traffic to your site should be your number one priority; and what better way to......
  • Peacock Gap Golf Course Peacock Gap Golf Course is located in San Rafael, CA Phone: (415) 453-4940 ext. 18 Website: https://www.peacockgapgc.com/golf/index.html Course History: The course was designed in 1959 by William F. Bell. The course underwent reconstruction and renovation in 2006 which is currently being completed. The course is over 6200 yards in length......
  • 3 Tips for Securing and Remembering Your Passwords I recently had a few friends that had their email accounts hacked. I provided them with a few tips for creating unique, easy-to-remember, and secure passwords. Afterwards, I thought it would be a good idea to share those tips with the rest of you. Use an Easy to Remember......
en.pdf24.org    Send article as PDF   

Similar Posts


See what happened this day in history from either BBC Wikipedia
Search:
Keywords:
Amazon Logo

Comments are closed.


Switch to our mobile site