Click here to monitor SSC
SQLServerCentral is supported by Red Gate Software Ltd.
 
Log in  ::  Register  ::  Not logged in
 
 
 

How Many Passwords?

By Steve Jones,

 How many user names and passwords do you have? If you're like me, you have a lot of them. Actually I don't have too many user names, sticking with "Steve Jones", "sjones" or my well known "way0utwest" for my logins. However I do try to have as many passwords as I have logins. Using my Password Safe utility, I count 265 items in my personal safe and 176 in my business one. Some of those are old and dead, but quite a few of them I use on a regular basis.

That's similar to what Keith Combs notes in his blog post on IDs and passwords. He has 172, though I'm sure that number has crept up since he wrote the post. The piece links over to a few identity discussions from others at Microsoft that are trying to make identifying users and managing security easier. In the Microsoft world I think that works well, but the larger world outside of Microsoft software requires a bit more work for most of us.

The original piece was written awhile back, and since that time, I've come to find that more and more of my logins are authorization links from one of the large companies (Microsoft, Google, Facebook, Twitter), with some sort of token that allows me to login. I have my Live account working on a number of Microsoft based services, but my Google account crossing their platform to Gravitar and StackExchange. My Twitter and Facebook accounts are linked to a few places, though I'm careful about which one of those I link to which application or service.

Using passwords, moving to application links from a platform, and even now adding two factor authentication with a mobile phone makes me think that we are not necessarily finding a better way of managing authentication. Perhaps we are making things much more complex without creating any more security.

I don't know what the future will bring, but I suspect that many of our current methods of providing security will prove to be inadequate. I'm hoping that we find out on some services like Funny or Die or ESPN, and not because people find ways to jump from external applications to internal servers like Exchange or SQL Server.

Total article views: 124 | Views in the last 30 days: 1
 
Related Articles
FORUM

login issue from application

can not login from application

FORUM

User logins versus service account

User logins versus service account

FORUM

changing passwords at next login?

How do users change passwords at next login when they are sql server logins?

SCRIPT

Login Password Policy

This script lists all of the SQL logins with their password policy

FORUM

Reset Password for linked server login

Reset Password for linked server login

Tags
editorial    
 
Contribute

Join the most active online SQL Server Community

SQL knowledge, delivered daily, free:

Email address:  

You make SSC a better place

As a member of SQLServerCentral, you get free access to loads of fresh content: thousands of articles and SQL scripts, a library of free eBooks, a weekly database news roundup, a great Q & A platform… And it’s our huge, buzzing community of SQL Server Professionals that makes it such a success.

Join us!

Steve Jones
Editor, SQLServerCentral.com

Already a member? Jump in:

Email address:   Password:   Remember me: Forgotten your password?
Steve Jones