Click here to monitor SSC
SQLServerCentral is supported by Red Gate Software Ltd.
 
Log in  ::  Register  ::  Not logged in
 
 
 

Don't Share Passwords Across Sites

By Steve Jones,

This is one of those things that drives me somewhat crazy. I've slowly gotten my wife away from the habit, and I've been trying to instill this in my kids. Using passwords across sites, even non-secure ones, is a bad idea.

Last week Yahoo was hacked, with thousands of accounts being compromised. However the attack is having a ripple effect, with the same users having the same passwords on other sites run by Google, Hotmail, Live, Verizon, and other companies. If you have an account on Yahoo, make sure that you have changed passwords on other sites. And please don't use the same password again.

Password security is a hot button, and I've written about it before, with some great comments in the discussions. It's not just on web applications, but also applications within your company. I'd be concerned that system administrators might use the same password (or variation of it) on their secure account that the might use on the GMail account. The problem with this is that if GMail is hacked, it's entirely possible that your internal systems might be compromised.

Do yourself a favor, and others, and preach the benefits of using a password tool of some sort. Password Safe and KeePass seem to be the most popular, with ports across many platforms. They're easy to use, and while they might not be perfectly secure, they are more secure than you using the same password, or easy to crack passwords, on various systems.

Steve Jones

Total article views: 85 | Views in the last 30 days: 1
 
Related Articles
FORUM

Passwords

Storing passwords securely

BLOG

Weak Passwords Discovered in the 10,000 Disclosed Hotmail/Live.com/MSN leaked accounts

By now, hopefully everyone has heard of the security breach where accounts and passwords were found ...

ARTICLE

Securing the SA Account in SQL Server 2005

SQL Server 2005 has greatly changed the security paradigm for SQL Server DBAs. The sa account still ...

ARTICLE

Password Help

Passwords control most of our access to computer systems and provide some level of authentication, b...

ARTICLE

Should You Write Down Your Passwords?

Today we have an older editorial by Steve Jones being republished. This piece talks about security a...

Tags
database weekly    
editorial    
 
Contribute

Join the most active online SQL Server Community

SQL knowledge, delivered daily, free:

Email address:  

You make SSC a better place

As a member of SQLServerCentral, you get free access to loads of fresh content: thousands of articles and SQL scripts, a library of free eBooks, a weekly database news roundup, a great Q & A platform… And it’s our huge, buzzing community of SQL Server Professionals that makes it such a success.

Join us!

Steve Jones
Editor, SQLServerCentral.com

Already a member? Jump in:

Email address:   Password:   Remember me: Forgotten your password?
Steve Jones