05-19-2005, 01:00 AM
Swami
Join Date: Feb 2004
Posts: 4,303
Password Security: Apparently We've Heard of It.
"Americans are just as blasé about password security as the Brits, according to a new survey. Two out of three people (180 of 272) approached in a downtown San Francisco street by researchers were happy to provide their password in exchange for a coffee gift card. . . Of all respondents, 57 per cent reported having four or more passwords, and 79 per cent reported using the same password for multiple websites or applications, a practice that means one stolen password could jeopardise multiple accounts. The survey also found that some people continue to store passwords on Post-it notes. Other popular locations for passwords include the contacts folder of email applications, on PDAs and in the notes function of a mobile phone."
PDAs are popular locations for password storage? Fancy that! With the number of passwords we have to remember these days, is there any better way than having them encrypted into your Pocket PC? The question is, did people really give out their real password to the researchers? We all know that people can be a bit lax with their security details, but giving out your password for a gift card seems to be taking the biscuit. (It probably goes well with the coffee ;-)) So how many separate passwords are you guys keeping track of at the moment?
|
05-19-2005, 02:03 AM
Pupil
Join Date: Apr 2004
Posts: 16
I have at least 4 different password "sets" going on at any one time. I use them in sets of similar passwords to compartmentalize things. i.e. I have one set that may all be similar or relative for work, one set for home computer usage, one for online email accounts, one for forum logins, etc.
Going through CISSP training and reading any Bruce Schneier will make a paranoid believer out of you :wink:
Sax
|
05-19-2005, 02:31 AM
Oracle
Join Date: Aug 2006
Posts: 866
I have two main ones, and a third that I sometimes use. Two of them are alphanumeric, and the other is just words.
I also have a fourth, but use it very rarely now.
|
05-19-2005, 02:37 AM
Pupil
Join Date: May 2005
Posts: 18
Quote:
Originally Posted by Saxmoore
I have at least 4 different password "sets" going on at any one time. I use them in sets of similar passwords to compartmentalize things. i.e. I have one set that may all be similar or relative for work, one set for home computer usage, one for online email accounts, one for forum logins, etc.
|
I do something similar. But in addition, for the really strong stuff, I'll have my password safe generate a funky random password with punctuation and all that. Then I'll do cool things like having the software pass the password to an application on the command line so I never have to type it in or whatever. I highly recommend KeePass for secure password storage. Not to mention that it helps me keep my "low security" passwords straight in case I forget which one I used. There is a Windows and a PPC version too.
Quote:
Going through CISSP training and reading any Bruce Schneier will make a paranoid believer out of you :wink:
|
Ain't that the truth.
|
05-19-2005, 03:44 AM
Pontificator
Join Date: Aug 2006
Posts: 1,162
Re: Password Security: Apparently We've Heard of It.
Quote:
Originally Posted by Jonathon Watkins
We all know that people can be a bit lax with their security details, but giving out your password for a gift card seems to be taking the biscuit.
|
How do they confirm that it is a real password? I'd be tempted at least to lie and give out a fake password for a gift card.
|
05-19-2005, 04:53 AM
Thinker
Join Date: Aug 2006
Posts: 355
Between home, personal web browsing, business web browsing and work networks/application access, banking/cash machines/credit card PINs, I estimate that I have at least 15-18 passwords on the go at any given time. Lower priority passwords are typically the same, or with very minor variations - most of the work passwords are more random in construction, and again, I use slight variations between network and application access passwords. Banking passwords are typically randomly generated 10-12 character passwords which are impossible to remember! Only way to keep it all safe (and sorted!) is in an encrypted file (eWallet) on PDA, which also has a password! :mrgreen: I find myself referring to the file at least once a week because I have so many passwords, deliberately different, that it is hard to keep them all straight. Luckily, I haven't had to have passwords reset too often because I always have them handy in my PDA.....at least for as long as I remember the eWallet password..... :wink:
|
05-19-2005, 06:55 AM
Pupil
Join Date: Aug 2007
Posts: 37
Password
Can I give you my password for a free PPCT subscription?
|
05-19-2005, 07:39 AM
Pupil
Join Date: Mar 2004
Posts: 11
Oh man...I was thinking about this the other day...
For personal use I probably have 10 or so login and email passwords. Combine that with work...another 20-ish... I probably have to keep track of upwards of 30 separate passwords 8O.
I do compartmentalize some of them, using similar passwords for similar areas, but still I would be lost without encrypting them on my PDA. At least then I need to only remember one password.
So when my iPAQ was stolen nearly 2 years ago, it really hurt having to come up with all new passwords. (Feel free to call me paranoid...even with the encryption on my poor stolen iPAQ I still felt the need to reset them all :lol: ).
|
05-19-2005, 07:44 AM
Swami
Join Date: May 2004
Posts: 4,396
Re: Password Security: Apparently We've Heard of It.
Quote:
Originally Posted by Jonathon Watkins
"Two out of three people (180 of 272) approached in a downtown San Francisco street by researchers were happy to provide their password in exchange for a coffee gift card. . ."
|
I'm curious exactly what password they asked for. As others have said, lots of people have multiple passwords, so knowing some random password wouldn't help unless you knew what it was for.
Like others, I keep classes of passwords. I have one for forums and other places where money isn't involved, another one for eCommerce sites and another one for high-security items (my router, eWallet, etc.). Even that one, at 10 characters, isn't too difficult to remember -- it's somebody's initials (not mine :-D), my ATM PIN and three letters that I easily remember. I've narrowed it down to just over 3 trillion (US) possibilities, so guess away. :lol:
None of the passwords use words, though, so they aren't subject to standard dictionary attacks.
Steve
|
05-19-2005, 07:46 AM
Swami
Join Date: May 2004
Posts: 4,396
Re: Password
Quote:
Originally Posted by cuteseal
Can I give you my password for a free PPCT subscription?
|
Sure, PM it to me. :rotfl:
Steve