Friday, January 23, 2015

In 2015, Fix Your Passwords

With all the news recently about hacks, ISIS hacking CentCom's Twitter and YouTube accounts, SONY, Target, and on and on, and related stories about NSA dragnet surveillance, there is one central connection: bad passwords.

SplashData, an Internet security services firm, has released its annual list of the 25 worst Internet passwords.

Most "hacks" are not really hacks, but people guessing lousy passwords.
Guessing voicemail passwords? Not really a hack.
That college student made an educated guess at Palin's password. Sorry, not a hack!
There was also this important story about the importance of password privacy.
New Illinois Law Forces Students to Give Up Social Media Passwords….Or Face Criminal Charges
So I wrote
which is what Security in a Box also recognizes (emphasis mine)
Note: By using KeePass all the time, you never actually have to see or know what your password is. The copy/paste functions take care of moving it from the database to the required window. If you use the Random Generator feature and then transfer this password to a new email account registration process, you will be using a password that you have never seen in plain view. And it still works!
Because the key to many encryption features is a strong password, password managers are really important.  Security in a Box has a great guide to KeePass, which I use.

It's very simple to use.  You have one master password, which you can write down and keep at home, or memorize that one password which stores you other dozen passwords.

You add entries based on account type (you can mix and match anything, that doesn't really matter). I originally thought that KeePass logs you in automatically, but that is not how it works, you essentially just copy and paste the password into your login screen.

The beauty of KeePass is not having to remember secure passwords.

No comments:

Post a Comment