InstantForum.NET v2.9.0SQLServerCentralhttp://www.sqlservercentral.com/Forums/notifications@sqlservercentral.comTue, 18 Jun 2013 00:59:36 GMT20http://www.sqlservercentral.com/Forums/Topic1388325-263-1.aspxThis is exactly why I love KeePass 2.20. Not only does it generate 20 character secure passwords for you like zFLLsXUu3Cxjn2wy6Pys it also stores them in a central, safe and encrypted place where you won't forget what they are either. one of the most important free pieces of software you can have in your toolbox, bar none. :-DMon, 26 Nov 2012 14:29:00 GMTTravisDBAhttp://www.sqlservercentral.com/Forums/Topic1388325-263-1.aspxAt the same time we are being warned against common passwords across multiple accounts, sites (including, ironically Gawker (Gizmodo) who published some of that information) are forcing users to access the sites through amagalmated sign-ons, like Facebook, Disqus, Google which completely violate that principle.The single identities add another risk because they share a common account ID across multiple sites, seemingly unrelated postings in different contexts could be used to gather a significant amount of 'leaked' personal information even without hacking their identity.Mon, 26 Nov 2012 12:38:12 GMTjay-hhttp://www.sqlservercentral.com/Forums/Topic1388325-263-1.aspxWhen you have one or two passwords you can remember them. I have probably over 200 passwords so I write them down.I actually keep then in an encrypted container, and use a 12-character random password for each site I am registered on, but passwords are still a pain.Biometric data will just shift the pain, but will not eliminate it. We are still a long way off from having reliable biometric recognition, and when we do we will be no closer to being able to use it reliably. There will always be ways to fool the system, either by providing false credentials or by falsely changing the credential store.I think we need to work towards a general acceptance that security cannot be absolute. Sites should look at what data they are recording that requires customers to be registered, and stop recording it. This may mean that one route to gain marketing intelligence would be closed, but other routes would open up.The benefit of not needing to register to buy a train ticket or a SD card for my PC would mean the number of passwords I need could become small enough so that I can remember them.Mon, 26 Nov 2012 03:19:24 GMTEdVassiehttp://www.sqlservercentral.com/Forums/Topic1388325-263-1.aspxComments posted to this topic are about the item [B]<A HREF="/articles/Editorial/95224/">Password Insecurities</A>[/B]Sat, 24 Nov 2012 12:35:22 GMTTony Davis