SQL Clone
SQLServerCentral is supported by Redgate
Log in  ::  Register  ::  Not logged in

Password Ninjas

By Steve Jones,

For the time being, passwords are the way that we authenticate users and secure most of our systems. There might be a better system in the future, but for now everyone needs to manage a series of logins and passwords, even if you have authentication for many systems linked through an internal domain or external system, like OpenID.

I think password managers are almost required these days to manage passwords for most people. I recently ran across an article on ArsTechnica where five security experts were asked how they manage their complex passwords across a multitude of services. Four of these experts use password managers of some sort, though there is quite a variety of them. One actually remembers passwords, though he tries to use proximity tokens and one time passwords when possible.

Bruce Schneier, one of the security writers I've followed for a long time uses Password Safe, which is what I use. However he also likes to use his own advice of long sentences turned into passwords and keeping backups of passwords on physical paper. I don't like writing down passwords, but if you can keep the paper secure (not stuck on a monitor or under a keyboard), it's an easy solution to use.

There are various ports on different operating systems and different methods to keep your files in sync, if you choose to do so. Two others use competing products (1Password and KeePass), but one uses a text file in an encrypted virtual disk image that he keeps on a USB key. I'm not sure I like that, but with proper backups, it's not a bad solution.

There is a variety of advice, but overall there's one thing to keep in mind: security is serious business. All the more so as we use various services more and more to conduct business in our daily lives. Losing a password that you share across multiple services could severely compromise your life. Whatever method you choose, stick to it and be careful in choosing your passwords.

Total article views: 271 | Views in the last 30 days: 1
Related Articles

Managing Passwords

This week Troy Hunt provides updated password guidelines, but Steve Jones notes many of us are in th...


How to deploy SSIS package with connection manager password?

Connection Manager Password



Storing passwords securely


Password Help

Passwords control most of our access to computer systems and provide some level of authentication, b...


The Secret Password

The secret passwords we store in systems might be secure from discovery, but are they secure from us...