Passwords: Reality check . . .

20 11 2005

So we all know the drill for passwords:

  • Make them unique, don’t use the same password twice.
  • Change them every month or so.
  • Make them complex; passphrases are good.

I’m sorry, your reality cheque just bounced. Let’s be conservative and say I have about twenty usernames and passwords for online sites, including things like my blog, my personal e-mail, Passport and the like.

Because I am a consultant I am also actively managing between five and ten passwords to access client systems, on top of my Readify username and password. I am forced to cycle each of these every one to two months, and if I don’t, lockout occurs. The cute thing about lockout is that it typically requires me to call an outsourced service provider over an unencrypted telephone network (no – I don’t have a speak easy sitting on my desk – and the help desk operator definitely doesn’t).

So what is the solution? A password manager? Essentially a password manager hopes to defend multiple passwords through one super strong passphrase-style password. That doesn’t make me terribly comfortable, but even if I could get over it I have a more serious problem to contend with.

For example – most password managers run on your local machine and require you to back up their data files (no problem). But what happens when I forget my laptop? Occasionally I go into high security sites where I can’t bring in my laptop or mobile phone - what do I do then? Should I load the data onto the Internet? Now I am feeling really uncomfortable!
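The two worries above (everything hangs off one master passphrase, and the vault file ends up copied to backups or the Internet) can be made concrete. The following is an added example, not code from the original post or from any real password manager: a toy vault that keeps only a random salt and a key-check value, stretches the master passphrase with PBKDF2-HMAC-SHA256, and then simulates what a copied vault file is exposed to, namely unlimited offline guessing. The iteration count, the verifier tag and the wordlist are all constructed for the demo.

```python
import hashlib
import hmac
import os
from typing import Dict, List, Optional

# Assumptions for this example (not from the original post): the vault stores
# a salt, a PBKDF2 work factor and a key-check value. The site passwords that a
# real manager would encrypt under the derived key are omitted to keep the
# example focused on the master passphrase.
ITERATIONS = 200_000                 # work factor chosen for the example
VERIFIER_TAG = b"vault-key-check"    # constant whose HMAC lets us test a key


def derive_vault_key(master: str, salt: bytes, iterations: int = ITERATIONS) -> bytes:
    """Stretch the master passphrase into a 32-byte vault key.

    PBKDF2 makes each guess cost `iterations` HMAC computations, which is the
    only thing slowing down someone who has obtained a copy of the vault file.
    """
    return hashlib.pbkdf2_hmac("sha256", master.encode("utf-8"), salt, iterations, dklen=32)


def create_vault(master: str, iterations: int = ITERATIONS) -> Dict[str, object]:
    """Build the minimum a vault file needs to later recognise its master passphrase."""
    salt = os.urandom(16)
    key = derive_vault_key(master, salt, iterations)
    verifier = hmac.new(key, VERIFIER_TAG, "sha256").digest()
    return {"salt": salt, "iterations": iterations, "verifier": verifier}


def unlock(vault: Dict[str, object], master: str) -> bool:
    """Return True if `master` derives the key the vault was created with."""
    key = derive_vault_key(master, vault["salt"], vault["iterations"])
    candidate = hmac.new(key, VERIFIER_TAG, "sha256").digest()
    # Constant-time comparison, so the check itself leaks nothing about the tag.
    return hmac.compare_digest(candidate, vault["verifier"])


def guesses_to_recover(vault: Dict[str, object], wordlist: List[str]) -> Optional[int]:
    """Simulate offline guessing against a copied vault file.

    Returns the number of attempts needed, or None if no word in the list
    opens the vault. With the vault in hand there is no lockout to stop this;
    the work factor and the passphrase quality are the whole defence.
    """
    for attempt, guess in enumerate(wordlist, start=1):
        if unlock(vault, guess):
            return attempt
    return None


# Constructed wordlist for the demo; a real guessing run would use millions of entries.
COMMON_GUESSES = ["123456", "password", "letmein", "Readify1", "qwerty", "Password1"]


def demo() -> Dict[str, object]:
    """Compare a weak and a strong master passphrase under the same guessing run."""
    # A low work factor is used here only so the demo finishes quickly.
    weak = create_vault("Password1", iterations=1_000)
    strong_master = "my blog and twenty other logins since 2005"
    strong = create_vault(strong_master, iterations=1_000)
    return {
        "weak_recovered_after": guesses_to_recover(weak, COMMON_GUESSES),      # 6
        "strong_recovered_after": guesses_to_recover(strong, COMMON_GUESSES),  # None
        "strong_unlocks": unlock(strong, strong_master),                       # True
    }


if __name__ == "__main__":
    print(demo())
```

The point the numbers make: once the vault file is off your machine, the manager's security is exactly the guessing cost of the master passphrase times the KDF work factor. Raising `ITERATIONS` buys a linear slowdown; choosing a master passphrase that is not in any wordlist is what actually closes the gap.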

The reality is that the security guys demand that we use complex and unique passwords but don’t consider how well that scales in reality. The only way a mortal can cope is by deliberately weakening their passwords so they can remember them.

What is the solution? Until strong biometrics are everywhere I don’t think there is one!



3 responses to “Passwords: Reality check . . .”

24 11 2005
Anonymous Coward (00:00:00) :

One approach I use is to focus on the password, rather than on the system. So, I have three passwords. One for systems that I use casually and don’t really care about, e.g. websites and memberships. The next password is for systems that I actually care about and wouldn’t want someone to have the password to, e.g. my Passport account and email. The third password is for critical things that really no one must know about, e.g. root access to company/client systems.

You then only have three passwords to remember. To make it a tad more secure, you just add an acronym for the system you’re currently on to the end of the password to make sure they’re not all the same.

Before we all recoil in horror at this approach, let’s ask ourselves: do people really know or care about all the systems we’re using to be able to track our passwords? Paranoia is just that. BTW, the bird flu is probably not going to kill all of us either.

24 11 2005
Online Wong PoKér Hu (00:00:00) :

I think it’s useful to have multiple passwords for your accounts and also to change them whenever you think you need to. It’s really easy to hack into someone’s account, especially when the passwords you use are the same and predictable.

14 03 2006
