Click here to monitor SSC
SQLServerCentral is supported by Red Gate Software Ltd.
Log in  ::  Register  ::  Not logged in

Don't Share Passwords Across Sites

By Steve Jones,

This is one of those things that drives me somewhat crazy. I've slowly gotten my wife away from the habit, and I've been trying to instill this in my kids. Using passwords across sites, even non-secure ones, is a bad idea.

Last week Yahoo was hacked, with thousands of accounts being compromised. However the attack is having a ripple effect, with the same users having the same passwords on other sites run by Google, Hotmail, Live, Verizon, and other companies. If you have an account on Yahoo, make sure that you have changed passwords on other sites. And please don't use the same password again.

Password security is a hot button, and I've written about it before, with some great comments in the discussions. It's not just on web applications, but also applications within your company. I'd be concerned that system administrators might use the same password (or variation of it) on their secure account that the might use on the GMail account. The problem with this is that if GMail is hacked, it's entirely possible that your internal systems might be compromised.

Do yourself a favor, and others, and preach the benefits of using a password tool of some sort. Password Safe and KeePass seem to be the most popular, with ports across many platforms. They're easy to use, and while they might not be perfectly secure, they are more secure than you using the same password, or easy to crack passwords, on various systems.

Steve Jones

Total article views: 87 | Views in the last 30 days: 1
Related Articles


Storing passwords securely


Weak Passwords Discovered in the 10,000 Disclosed Hotmail/ leaked accounts

By now, hopefully everyone has heard of the security breach where accounts and passwords were found ...


Password for SQL Server Service Accounts

I wrote recently about my philosophy for service accounts, and wanted to add a few more thoughts. S...


Securing the SA Account in SQL Server 2005

SQL Server 2005 has greatly changed the security paradigm for SQL Server DBAs. The sa account still ...


Password Help

Passwords control most of our access to computer systems and provide some level of authentication, b...

database weekly    

Join the most active online SQL Server Community

SQL knowledge, delivered daily, free:

Email address:  

You make SSC a better place

As a member of SQLServerCentral, you get free access to loads of fresh content: thousands of articles and SQL scripts, a library of free eBooks, a weekly database news roundup, a great Q & A platform… And it’s our huge, buzzing community of SQL Server Professionals that makes it such a success.

Join us!

Steve Jones

Already a member? Jump in:

Email address:   Password:   Remember me: Forgotten your password?
Steve Jones