 |
IQ Crew
Thursday November 12, 2009 3:24:32 PM
Good idea. I actually like taking a few letters from the website I'm on and add it to that special password, makes it even more difficult. if my password is M0use I could make the one here, the first 3 letters of IE is "Int" so I would use: Int_M0use -- thus I have a pretty strong password :)
IQ Crew
Thursday November 12, 2009 3:09:13 PM
The BEST practice is to get rid of it all together and use 2 factor. I wish that Paypal would open their API so that vendors could just have a user check their paypal token for any login...$5 is a small investment to make for piece of mind. Barrin that, best corporate practice is to set a policy ad force change periodically with enforced length and composition rules.
If you're a home user, I would strongly suggest an Single Sign On (SSO) wallet http://keepass.info/ seems to be a reasonable one (of many).
Some are suggesting that you isolate your interactions on the net and not use a net connected computer for your financial systems at home (such as Quicken, etc.). I tend to agree. Netbooks are cheap and you can restore em if they get corrupted, pwned, etc.
Rank: Cave Painter
Thursday November 5, 2009 10:18:35 PM
I agree but there are a lot of users that use a computer in there job, that could care less about security ===like a lot of "Gov workers"!!!!
Thinkernetter
Thursday November 5, 2009 6:40:55 PM
Hank,
To be perfectly honest with you, I am a proponent that not everyone should use the Internet. If a person does not have the aptitude to remember their password after changing it, they are probably contributing to the other problems plaguing internet security.
IQ Crew
Thursday November 5, 2009 5:22:37 PM
I like this post because it simplifies things for people. I think people are so used to hearing that they have to have super complex passwords and change them every 42 days etc, that they feel they could never keep up. While what you are suggesting here isn't going to fix every password related problem, it will make a dent. Getting people to change their passwords 2x a year is probably 2x more than they are currently doing it and that can only make things better.
Rank: Cave Painter
Thursday November 5, 2009 1:09:19 AM
Use MashedLife.com, please. Problem solved, case closed.
It does "exactly" what I want as a password management service. Finally somebody really gets it in this area.
Check their reviews on Mashable, TechCrunch, ...
You will love it. I find myself addicted to it instantly. Using from my iPhone, on my 7 computers from Linux, Mac to work and home PCs.
Just my 2 cents. Have fun.
Rank: Cave Painter
Wednesday November 4, 2009 7:21:23 PM
Then you have a class where user cjanges their password and forget it or write it down!
Rank: Web master
Wednesday November 4, 2009 10:43:03 AM
Tom, this is not an issue that you will be able to brush aside.
Certainly it is not the case that an individual will have to conduct his/her business personally over the net; the regular US mail is still working.
sadly: for most of us: if we don't put our data over the net: someone else will.
perhaps that is a topic that needs to be looked at as well. and the reason I write these notes is because Internet Crime continues to get worse -- up 585% this year -- according to a report I referenced recently
how long before the attackers render the Net useless?
=" if we can just start to get people to change their passwords on a regular basis"
See the two notes I wrote for you earlier:
If you are using an effective password -- and keeping it properly secured* -- an attacker is not likely to get to your data via an un-authorized logon.
If you are not using effective passwords -- or if you have malware -- your password will be INEFFECTIVE.
If you use a weak password such as "secret", "Yankees", "password", "7777", "hope", "love", "letmeon", "1234567", "hello" etc an attacker will GUESS your password rather quickly
If you have malware in your computer it doesn't matter at all how good your password is or how often you change it: the malware waits for you to log on and then helps itself to the use of your computer -- and your userid/password
3EHr90573FF29c
*if you leak your password -- or if someone you communicate with leaks your password -- then the password is compromised -- as soon as that happens. how much do you trust that other guy? what if attackers steal his entire user-id/password database? such things have happened, and then the data is sold on the black market. changing your password would help -- if you got it in time -- and if the attackers only raid the site once -- or once in a while. but malware can operate real-time. if it is your new password can be stolen within a few seconds. that is why malware is such an issue. until that problem is solved, best practices for password management arn't going to help they way they should.
Thinkernetter
Wednesday November 4, 2009 10:29:27 AM
Mike,
I appreciate your comments on Malware and think this is a necessary pursuit. Perhaps you can start a ground swell here on IE to get Microsoft to address this by Win7/SP2. However, suggesting people not to use the Internet to conduct business is not realistic.
Regardless of the fact that there are signficant issues with Internet security as well as browser insecurities, it has become a necessity to the point that some countries have identified Internet access as a "human right". So as we continue to request/force better security from all participants, we as users have a responsibility and if we can just start to get people to change their passwords on a regular basis and understand the dangers associated with not at least doing this simple task, we will have more support to then get software companies to write authenticated code.
Rank: Web master
Wednesday November 4, 2009 9:39:58 AM
The ThinkerNet does not reflect the views of TechWeb. The ThinkerNet is an informal means of communication to members and visitors of the Internet Evolution site. Individual authors are chosen by Internet Evolution to blog. Neither Internet Evolution nor TechWeb assume responsibility for comments, claims, or opinions made by authors and ThinkerNet bloggers. They are no substitute for your own research and should not be relied upon for trading or any other purpose. |
|
|
|
a moderated blogosphere of internet experts
A picture is worth a thousand words, or so the old saying goes. So understanding how to use images in e-newsletters effectively is quite important. Here are a few tips to ensure that your images in email newsletters work to your advantage.
Arms merchant or army? That's a fundamental question for vendors in the cloud computing space. Do they just sell their tooling to any and all comers, who then become the actual purveyors of hosted infrastructure, developer platforms, and software? Or do they offer their own cloud-based services, perhaps even keeping much of their technology in-house for competitive advantage?
With the value of toxic assets on the rise, large U.S. and European banks face many challenges on the road to recovery. Sharing key information may help these firms effectively track the way forward.
Most of us go through life knowing that we’re expected to learn from our mistakes and improve. Those who are more conscientious about learning and personal improvement usually reap greater rewards.
Marketers are known for exaggerated claims and stretching the truth just a wee bit. But most marketers I know truly believe in what they sell. Their aggressiveness is based on a confidence that what they are promoting truly benefits the customer.
IETV: the thinkerNet on film
an IBM information resource
sponsored content
big blue blog
While Google introduces its new Chrome OS (which I'm hearing will be widely available in one year? Did I mishear that?), IBM announced 10 new products today to help companies using IBM System z mainframe technology.
white papers & case studies
an IBM information resource
sponsored content
Smarter Collaboration: How to Thrive in a Challenging Business Environment
Market conditions are changing faster than ever, and organizations need to improve their agility and adaptability in order to provide better service and improve processes. The ability to work with customers, business partners, and employees as effectively as possible - while at the same time holding down costs - is a key to success.
READ THIS eBOOK
your weekly update of news, analysis, and
opinion from Internet Evolution - FREE!
REGISTER HERE
Wanted! Site Moderators
Internet Evolution is looking for a handful of readers to help moderate the message boards on our site – as well as engaging in high-IQ conversation with the industry mavens on our thinkerNet blogosphere. The job comes with various perks, bags of kudos, and GIANT bragging rights. Interested?
Please email: moderators@internetevolution.com
|
