All my passwords…

In the spirit of openness on the web I thought I’d reveal something interesting about the passwords I use on the web.  Just like everyone else now-a-days, I have tons of accounts on all sorts of websites, and my usernames tend to be fairly similar.

My passwords for email, social networking sites, twitter, my blog, and every place are …

different.

Okay, it’s not an astonishing reveal, but admit it – you have like 3 passwords, and you use them everyplace.  This is a terrible practice.  Stop it.

Now I would hope anyplace you’ve created an account with isn’t actually storing your password anywhere (they should just have a hash of your password) but anything can happen while data is in transit.

With recent headlines like, Network Solutions breach exposes nearly 600,000, and a new identity theft story popping up every day, it’s pretty clear that nobody is safe.  The least you can do to protect yourself is use different passwords.

It’s a pain, I know.  But there are a lot different ways to handle it.  There’s software like RoboForm and Password Safe, random password generators like GRC’s Perfect Passwords, scripts to calculate reusable passwords like SuperGenPass, decentralized authentication services like OpenID, and even sophisticated hardware like the Yubikey and SecurID.

There are tons of different ways to manage all the passwords we have to deal with on a daily basis – but one way which simply isn’t acceptable is to use the same password everywhere.  Use good, long, preferably highly random passwords.  And change them!

Leave a Reply