Password Help

In case you haven't heard, LinkedIn passwords were hacked and posted online. If you haven't changed your LinkedIn password since the attack, please stop reading and go do it now.

In reading about the attack, I sent a few friends a note as well to remind them that not only should they change their passwords, but that they should not be using the same password in multiple places. With more and more services intertwined, and more logins needed, it's no stretch to think that someone that manages to crack your password, or steal it, from one service might use it on another service. Especially banking services.

As data professionals, it's easy for us to preach to non-technical people the value of strong passwords, but it can be hard to get them to use them. Strong passwords are problematic for many people to remember and type, and we find that most people prefer the path of least resistance: one short password that's easy to remember.

This article talks about a few things that IT people can do to help educate others and make it easier for them to consider strong passwords. Inside of a company, we can try to implement more services and products that secure our systems, but if people continue to use the same password for their personal mail or favorite website, much of that might not matter.

Ultimately I think the best thing we can do is set a good example, and choose strong passwords stored in a password manager. Once people see that it's relatively easy to secure passwords with something like KeePass or Password Safe, they may give it a try. That may help keep our data just a little more secure.

Steve Jones

The Voice of the DBA Podcasts

We publish three versions of the podcast each day for you to enjoy.

Watch the Windows Media Podcast - 18.8MB WMV
Watch the iPod Video Podcast - 16.2MB MP4
Watch the MP3 Audio Podcast - 3.4MB MP3

Everyday Jones

The podcast feeds are available at sqlservercentral.mevio.com. Comments are definitely appreciated and wanted, and you can get feeds from there. Overall RSS Feed: or now on iTunes!

Today's podcast features music by Everyday Jones. No relation, but I stumbled on to them and really like the music. Support this great duo at www.everydayjones.com.

You can also follow Steve Jones on Twitter:

Lockdown or Let Them Free

by Steve Jones

SQLServerCentral.com

Editorial

Do we take security too far? Are we creating unnecessary rules for those that need to use the resources we support? Steve Jones talks today about security and how we might want to approach it when handling rights for developers.

★ ★ ★ ★ ★ ★ ★ ★ ★ ★

4.5 (2)

You rated this post out of 5. Change rating

2014-06-27 (first published: 2009-09-21)

217 reads

Discuss

Placing a Value on Data

by Steve Jones

SQLServerCentral.com

Editorial

What's your stolen data worth? It might be worth investigating, as Steve Jones suggests. Then you'll know how much you should be spending to protect it.

★ ★ ★ ★ ★ ★ ★ ★ ★ ★

You rated this post out of 5. Change rating

2009-08-05

66 reads

Discuss

The Danger of Algorithms

by Steve Jones

SQLServerCentral.com

Editorial

What problems occur because of the algorithm chosen to generate data? A new report says that social security numbers in the US can be predicted. Steve Jones has a few warnings about what algoriothms you choose.

★ ★ ★ ★ ★ ★ ★ ★ ★ ★

You rated this post out of 5. Change rating

2014-04-28 (first published: 2009-07-27)

326 reads

Discuss

Administering Securely

by Steve Jones

SQLServerCentral.com

Editorial

A common request is how can you secure SQL Server data and prevent the system administrator from viewing data. Steve Jones talks a little about the issue and how you can handle it.