
Password Insecurities


Tony Davis
Comments posted to this topic are about the item Password Insecurities
EdVassie
When you have one or two passwords you can remember them. I have probably over 200 passwords so I write them down.

I actually keep them in an encrypted container, and use a 12-character random password for each site I am registered on, but passwords are still a pain.

Biometric data will just shift the pain, but will not eliminate it. We are still a long way off from having reliable biometric recognition, and when we do we will be no closer to being able to use it reliably. There will always be ways to fool the system, either by providing false credentials or by falsely changing the credential store.

I think we need to work towards a general acceptance that security cannot be absolute. Sites should look at what data they are recording that requires customers to be registered, and stop recording it. This may mean that one route to gain marketing intelligence would be closed, but other routes would open up.

The benefit of not needing to register to buy a train ticket or a SD card for my PC would mean the number of passwords I need could become small enough so that I can remember them.

Original author: SQL Server FineBuild 1-click install and best practice configuration of SQL Server 2017 2016, 2014, 2012, 2008 R2, 2008 and 2005. 1 Dec 2016: now over 39,000 downloads.
Disclaimer: All information provided is a personal opinion that may not match reality.
Quote: "When I give food to the poor they call me a saint. When I ask why they are poor they call me a communist." - Archbishop Hélder Câmara
jay-h
At the same time we are being warned against common passwords across multiple accounts, sites (including, ironically, Gawker (Gizmodo), who published some of that information) are forcing users to access the sites through amalgamated sign-ons, like Facebook, Disqus, Google, which completely violate that principle.

The single identities add another risk because they share a common account ID across multiple sites; seemingly unrelated postings in different contexts could be used to gather a significant amount of 'leaked' personal information even without hacking their identity.

...

-- FORTRAN manual for Xerox Computers --
TravisDBA
This is exactly why I love KeePass 2.20. Not only does it generate 20-character secure passwords for you, like zFLLsXUu3Cxjn2wy6Pys, it also stores them in a central, safe and encrypted place where you won't forget what they are either. One of the most important free pieces of software you can have in your toolbox, bar none. :-D

"Technology is a weird thing. It brings you great gifts with one hand, and it stabs you in the back with the other. ...:-D"
Iwas Bornready
We're moving from a minimum of 7 (which can be broken in under a day) to a minimum of somewhere between 12 and 15. Also, we are adding an optional fingerprint scanner.