SQL Clone
SQLServerCentral is supported by Redgate
Log in  ::  Register  ::  Not logged in

Don't Share Passwords Across Sites

By Steve Jones,

This is one of those things that drives me somewhat crazy. I've slowly gotten my wife away from the habit, and I've been trying to instill this in my kids. Using passwords across sites, even non-secure ones, is a bad idea.

Last week Yahoo was hacked, with thousands of accounts being compromised. However the attack is having a ripple effect, with the same users having the same passwords on other sites run by Google, Hotmail, Live, Verizon, and other companies. If you have an account on Yahoo, make sure that you have changed passwords on other sites. And please don't use the same password again.

Password security is a hot button, and I've written about it before, with some great comments in the discussions. It's not just on web applications, but also applications within your company. I'd be concerned that system administrators might use the same password (or variation of it) on their secure account that the might use on the GMail account. The problem with this is that if GMail is hacked, it's entirely possible that your internal systems might be compromised.

Do yourself a favor, and others, and preach the benefits of using a password tool of some sort. Password Safe and KeePass seem to be the most popular, with ports across many platforms. They're easy to use, and while they might not be perfectly secure, they are more secure than you using the same password, or easy to crack passwords, on various systems.

Steve Jones

Total article views: 88 | Views in the last 30 days: 1
Related Articles


Storing passwords securely


Weak Passwords Discovered in the 10,000 Disclosed Hotmail/Live.com/MSN leaked accounts

By now, hopefully everyone has heard of the security breach where accounts and passwords were found ...


Password for SQL Server Service Accounts

I wrote recently about my philosophy for service accounts, and wanted to add a few more thoughts. S...


Securing the SA Account in SQL Server 2005

SQL Server 2005 has greatly changed the security paradigm for SQL Server DBAs. The sa account still ...


Password Help

Passwords control most of our access to computer systems and provide some level of authentication, b...

database weekly