Blog

Wash Your Hands—and Your Password.

Oct 22

Written by:
10/22/2010 7:05 AM

It's cold and flu season and, with H1N1 making the rounds, we are being extra careful.  We take every precaution to make sure we are safe from invaders: lots of hand-washing, sanitizing when we can't wash, not sharing drinks, anti-bacterial-wiping any common surfaces.  We do all we can to keep the germs out.  Put another way, we are vigilant about keeping our biological systems secure. 

If only we were as watchful of our information systems.

Passwords are the most basic component, the “hand washing” of information security.  A good password is effective in keeping out unwanted visitors, as well as preventing the unwanted spread of data.  But too often we share passwords—not with other people, mind you, but with other systems. 

To be safe, we should have a different password for every system we log into.  But how many of us actually follow that guideline?  According to research, it depends on how advanced a user you are.  The same way that a doctor is more likely to be aware of the dangers of sharing germs, advanced computer users are more aware of the risks inherent in using a standard password. 

It can be argued that, with so many systems to log into, it is unlikely that the everyday user would be able to remember umpteen individual passwords.  Can't we just write them down?  No!  Writing passwords down is akin to using someone else's toothbrush—a definite no-no!

So what is the answer?  One suggestion is the use of picture-passwords, my favorite of which uses Rorschach-like inkblots to generate a series of seemingly random characters.  Another has the user “draw” a graphical password.  Another offers a selection of several pictures in a grid, allowing access only after the correct pictures have been selected in the correct order.  Then there is the new movement towards the one-time password (OTP), which allows a second password in certain situations.

But until new technology gives us a workable alternative, most of us have to make do with the traditional alpha-numeric-symbolic password.  Isn't it time to disinfect yours?

Read more about Facebook’s recent use of the OTP here: 

http://www.darkreading.com/authentication/security/app-security/showArticle.jhtml?articleID=227900296

Location: Blogs Parent Separator Linda Rodrigue
