Password Security

The Bible Study group Monday night had a short discussion about password security Monday night, including how bad we all are at it (some of us were guilty of worst password practices); this approach strikes me as very intriguing. I think I may adopt a strategy like it, perhaps hand-modifying the card they prepare, just in case someone somewhere along the line is using that site to harvest passwords. But a portable, non-specific memory prompt seems like a good strategy — and with enough noise in the data pool, it would be a waste of a thief’s time to try to work out which glyphs are actually part of passwords.
 
On the other hand, most users will need actually to record somewhere the matches among site, username, and password (whether directly recording the password or just marking a memory-prompt such as “pink/$”), which leads back to the problem of a thief getting access to that matching set. But if the password card is kept separate from the list of site/user/pw, a thief would have to get access to two separate sources of information, which improves your security. We’re still waiting, though, for the magic wand security solution.

This entry was posted in Uncategorized. Bookmark the permalink.

3 Responses to Password Security

  1. Reverend Ref says:

    Wouldn’t it be just as practical to invest in an Enigma machine?

    This from the guy who has three memorable passwords, and maybe a fourth that I can’t remember for a program that I use on a daily basis but it never asks for it so I really have no idea what it might be should I need to access it from some other system.

  2. Sal B says:

    Why not use a secure online password manager with two-factor authentication like Mitto.com – http://mitto.com/reviews

  3. Daniel says:

    it does exist… it’s called ntrofi. comes from the word ‘entropy’. “Entropy is a measure of disorder, or more precisely unpredictability.” (wikipedia)

    Anyway, it’s a password manager that you can download (so that your passwords aren’t stored online) which teaches you how to create unique, memorable and secure passwords, and then store those password ‘cues’ along with the username for each site you use. I’ve used it for about a year now and I have about 40 different sites/usernames/cues stored on there. It works, its easy, its the best out there so far. check it out, free trial:

    http://www.ntrofi.com/

    oo and the system for creating the passwords is great, I’ve never yet forgotten one :)

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>