Click here to monitor SSC
SQLServerCentral is supported by Redgate
Log in  ::  Register  ::  Not logged in
Home       Members    Calendar    Who's On

Add to briefcase

Password Insecurities Expand / Collapse
Posted Saturday, November 24, 2012 12:35 PM
Mr or Mrs. 500

Mr or Mrs. 500Mr or Mrs. 500Mr or Mrs. 500Mr or Mrs. 500Mr or Mrs. 500Mr or Mrs. 500Mr or Mrs. 500Mr or Mrs. 500

Group: Administrators
Last Login: Tuesday, February 2, 2016 9:27 AM
Points: 569, Visits: 1,116
Comments posted to this topic are about the item Password Insecurities
Post #1388325
Posted Monday, November 26, 2012 3:19 AM


Group: General Forum Members
Last Login: Today @ 5:41 AM
Points: 2,978, Visits: 3,545
When you have one or two passwords you can remember them. I have probably over 200 passwords so I write them down.

I actually keep then in an encrypted container, and use a 12-character random password for each site I am registered on, but passwords are still a pain.

Biometric data will just shift the pain, but will not eliminate it. We are still a long way off from having reliable biometric recognition, and when we do we will be no closer to being able to use it reliably. There will always be ways to fool the system, either by providing false credentials or by falsely changing the credential store.

I think we need to work towards a general acceptance that security cannot be absolute. Sites should look at what data they are recording that requires customers to be registered, and stop recording it. This may mean that one route to gain marketing intelligence would be closed, but other routes would open up.

The benefit of not needing to register to buy a train ticket or a SD card for my PC would mean the number of passwords I need could become small enough so that I can remember them.

Original author: SQL Server FineBuild 1-click install and best practice configuration of SQL Server 2016, 2014, 2012, 2008 R2, 2008 and 2005. 1 February 2016: now over 36,000 downloads.
Disclaimer: All information provided is a personal opinion that may not match reality.
Concept: "Pizza Apartheid" - the discrimination that separates those who earn enough in one day to buy a pizza if they want one, from those who can not.
Post #1388495
Posted Monday, November 26, 2012 12:38 PM
SSC Eights!

SSC Eights!SSC Eights!SSC Eights!SSC Eights!SSC Eights!SSC Eights!SSC Eights!SSC Eights!

Group: General Forum Members
Last Login: Wednesday, February 3, 2016 1:27 PM
Points: 818, Visits: 2,124
At the same time we are being warned against common passwords across multiple accounts, sites (including, ironically Gawker (Gizmodo) who published some of that information) are forcing users to access the sites through amagalmated sign-ons, like Facebook, Disqus, Google which completely violate that principle.

The single identities add another risk because they share a common account ID across multiple sites, seemingly unrelated postings in different contexts could be used to gather a significant amount of 'leaked' personal information even without hacking their identity.


-- FORTRAN manual for Xerox Computers --
Post #1388794
Posted Monday, November 26, 2012 2:29 PM

Ten Centuries

Ten CenturiesTen CenturiesTen CenturiesTen CenturiesTen CenturiesTen CenturiesTen CenturiesTen Centuries

Group: General Forum Members
Last Login: Tuesday, September 16, 2014 2:03 PM
Points: 1,334, Visits: 3,069
This is exactly why I love KeePass 2.20. Not only does it generate 20 character secure passwords for you like zFLLsXUu3Cxjn2wy6Pys it also stores them in a central, safe and encrypted place where you won't forget what they are either. one of the most important free pieces of software you can have in your toolbox, bar none.

"Technology is a weird thing. It brings you great gifts with one hand, and it stabs you in the back with the other. ..."
Post #1388852
« Prev Topic | Next Topic »

Add to briefcase

Permissions Expand / Collapse