SQLServerCentral is supported by Redgate
Password Insecurities
Posted Saturday, November 24, 2012 12:35 PM
Mr or Mrs. 500

Group: Administrators
Last Login: Monday, November 28, 2016 10:48 AM
Points: 569, Visits: 1,145
Comments posted to this topic are about the item Password Insecurities
Post #1388325
Posted Monday, November 26, 2012 3:19 AM
Hall of Fame

Group: General Forum Members
Last Login: Today @ 12:44 PM
Points: 3,057, Visits: 3,779
When you have one or two passwords you can remember them. I have probably over 200 passwords so I write them down.

I actually keep them in an encrypted container, and use a 12-character random password for each site I am registered on, but passwords are still a pain.

Biometric data will just shift the pain, but will not eliminate it. We are still a long way off from having reliable biometric recognition, and when we do we will be no closer to being able to use it reliably. There will always be ways to fool the system, either by providing false credentials or by falsely changing the credential store.

I think we need to work towards a general acceptance that security cannot be absolute. Sites should look at what data they are recording that requires customers to be registered, and stop recording it. This may mean that one route to gain marketing intelligence would be closed, but other routes would open up.

The benefit of not needing to register to buy a train ticket or an SD card for my PC would mean the number of passwords I need could become small enough so that I can remember them.


Original author: SQL Server FineBuild 1-click install and best practice configuration of SQL Server 2016, 2014, 2012, 2008 R2, 2008 and 2005. 29 Aug 2016: now over 38,000 downloads.
Disclaimer: All information provided is a personal opinion that may not match reality.
Quote: "When I give food to the poor they call me a saint. When I ask why they are poor they call me a communist." - Archbishop Hélder Câmara
Post #1388495
Posted Monday, November 26, 2012 12:38 PM
SSC Eights!

Group: General Forum Members
Last Login: Today @ 8:21 AM
Points: 842, Visits: 2,184
At the same time we are being warned against common passwords across multiple accounts, sites (including, ironically, Gawker (Gizmodo), who published some of that information) are forcing users to access the sites through amalgamated sign-ons, like Facebook, Disqus, Google, which completely violate that principle.

The single identities add another risk because they share a common account ID across multiple sites; seemingly unrelated postings in different contexts could be used to gather a significant amount of 'leaked' personal information even without hacking their identity.


...

-- FORTRAN manual for Xerox Computers --
Post #1388794
Posted Monday, November 26, 2012 2:29 PM


Ten Centuries

Group: General Forum Members
Last Login: Tuesday, September 16, 2014 2:03 PM
Points: 1,334, Visits: 3,069
This is exactly why I love KeePass 2.20. Not only does it generate 20-character secure passwords for you like zFLLsXUu3Cxjn2wy6Pys, it also stores them in a central, safe and encrypted place where you won't forget what they are either. One of the most important free pieces of software you can have in your toolbox, bar none.

"Technology is a weird thing. It brings you great gifts with one hand, and it stabs you in the back with the other. ..."
Post #1388852
Posted Thursday, May 5, 2016 7:25 AM
SSCrazy Eights

Group: General Forum Members
Last Login: Today @ 6:29 AM
Points: 8,313, Visits: 855
We're moving from a minimum of 7 (which can be broken in under a day) to a minimum of somewhere between 12 and 15. Also, we are adding an optional fingerprint scanner.
Post #1783599