Why it’s a bad idea to use a weak password
March 27th, 2007
Are there times when you use a weak password? OK, maybe readers of this blog don't, but I'm sure that you know people that do. Right?
Well, just in case you do know someone, here are two articles that show you why it's such a terrible idea to make use of weak passwords (or to reuse passwords).
The first article is on One Man's Blog and the author looks at how he would go about trying to hack a weak password. Can you really hack about 20% of passwords using the top 10 list? Well, it depends on your audience (against a bunch of security-conscious people, you don't stand a chance), but yes, it's certainly possible.
The other article is on gHacks. This is in response to the first article and takes the idea of hacking passwords a little further. This shows that it's not just important to choose a good password, but to also choose a username that's not so easy to guess.
What I do is make use of a program like PasswordSafe to generate and store my passwords. This way I can let the program generate me a good password (and username if that's not based on an email address - if the site uses an email address then I have a number of really complex and obscure ones that I use for that job - or I can just create a new one on Gmail, say) and I'm safe in the knowledge that I won't lose the information (I always keep a backup of the file on USB keys). PasswordSafe can be set to generate some really tough passwords for you, and because it has a neat copy to clipboard facility (and it also clears the clipboard for you when you're done) there's no need to mess about typing the password in!
Choosing your own password is a really bad idea. Just like when asked to pick a vegetable about 95% of westerners will choose carrot (try it), when faced with the pressure of having to choose a password people choose stupid stuff. Don't fall into the trap!
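
The contrast between human-chosen and generated passwords, as an added example that is not from this post, the linked articles or PasswordSafe: it flags passwords that a short list of common choices would catch and generates replacements from the operating system's random source. The common-password list, the symbol set, the 12-character minimum and all function names are assumptions made for illustration.

```python
import math
import secrets
import string

# Constructed sample of commonly chosen passwords (illustrative only; this is
# not the top-10 list from either linked article).
COMMON = {"password", "123456", "qwerty", "letmein", "monkey", "abc123"}

ALPHABET = string.ascii_letters + string.digits + "!#$%&*+-=?@_"


def is_weak(password, min_length=12):
    """Flag passwords a top-N guessing list or a short brute force would find."""
    lowered = password.lower()
    # Strip trailing digits/punctuation so "password12345!" is still caught.
    stem = lowered.rstrip(string.digits + string.punctuation)
    return len(password) < min_length or lowered in COMMON or stem in COMMON


def generate(length=20):
    """Random password from the OS CSPRNG with every character class present."""
    if length < 12:
        raise ValueError("length must be at least 12")
    while True:
        pw = "".join(secrets.choice(ALPHABET) for _ in range(length))
        if (any(c.islower() for c in pw) and any(c.isupper() for c in pw)
                and any(c.isdigit() for c in pw)
                and any(not c.isalnum() for c in pw)):
            return pw


def entropy_bits(length=20):
    """Upper bound on the guessing entropy of a uniformly random password."""
    return length * math.log2(len(ALPHABET))


def audit(accounts):
    """Return the users whose current password should be replaced."""
    return sorted(user for user, pw in accounts.items() if is_weak(pw))


if __name__ == "__main__":
    # Constructed accounts for the demonstration.
    sample = {"alice": "Monkey1!", "bob": "123456", "carol": generate()}
    print("replace:", audit(sample))
    print("new password:", generate(), f"(~{entropy_bits():.0f} bits)")
```
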
Don't be sloppy when it comes to security! It only takes a small stumble for it to cost you dearly.
This entry was posted on Tuesday, March 27th, 2007 at 16:27 and is filed under Stay Secure.