Click here to monitor SSC
SQLServerCentral is supported by Red Gate Software Ltd.
 
Log in  ::  Register  ::  Not logged in
 
 
 

Password Ninjas

By Steve Jones,

For the time being, passwords are the way that we authenticate users and secure most of our systems. There might be a better system in the future, but for now everyone needs to manage a series of logins and passwords, even if you have authentication for many systems linked through an internal domain or external system, like OpenID.

I think password managers are almost required these days to manage passwords for most people. I recently ran across an article on ArsTechnica where five security experts were asked how they manage their complex passwords across a multitude of services. Four of these experts use password managers of some sort, though there is quite a variety of them. One actually remembers passwords, though he tries to use proximity tokens and one time passwords when possible.

Bruce Schneier, one of the security writers I've followed for a long time uses Password Safe, which is what I use. However he also likes to use his own advice of long sentences turned into passwords and keeping backups of passwords on physical paper. I don't like writing down passwords, but if you can keep the paper secure (not stuck on a monitor or under a keyboard), it's an easy solution to use.

There are various ports on different operating systems and different methods to keep your files in sync, if you choose to do so. Two others use competing products (1Password and KeePass), but one uses a text file in an encrypted virtual disk image that he keeps on a USB key. I'm not sure I like that, but with proper backups, it's not a bad solution.

There is a variety of advice, but overall there's one thing to keep in mind: security is serious business. All the more so as we use various services more and more to conduct business in our daily lives. Losing a password that you share across multiple services could severely compromise your life. Whatever method you choose, stick to it and be careful in choosing your passwords.

Total article views: 256 | Views in the last 30 days: 3
 
Related Articles
FORUM

How to deploy SSIS package with connection manager password?

Connection Manager Password

FORUM

Passwords

Storing passwords securely

ARTICLE

Password Help

Passwords control most of our access to computer systems and provide some level of authentication, b...

BLOG

You Need to Manage Passwords

I saw a note this week from CNet about a system built to crack passwords (also on ArsTechnica). It r...

FORUM

Security Managemen Systems

problem with Security Managemen Systems

Tags
editorial    
passwords    
security    
 
Contribute

Join the most active online SQL Server Community

SQL knowledge, delivered daily, free:

Email address:  

You make SSC a better place

As a member of SQLServerCentral, you get free access to loads of fresh content: thousands of articles and SQL scripts, a library of free eBooks, a weekly database news roundup, a great Q & A platform… And it’s our huge, buzzing community of SQL Server Professionals that makes it such a success.

Join us!

Steve Jones
Editor, SQLServerCentral.com

Already a member? Jump in:

Email address:   Password:   Remember me: Forgotten your password?
Steve Jones