‘Password’ Is Not A Secure Password

Is there such a thing as a secure password? It seems like every month or so there is a similar announcement. Last month Yahoo! was hacked, with hackers exposing something like 450,000 user passwords. The month before that, it was LinkedIn, where 6 million user passwords were exposed. And these are just the latest episodes.

You (the user) have no control over the security (or lack of it) of an online service such as Yahoo! or LinkedIn. But hackers also make daily efforts to log in to user accounts by guessing passwords; there are even automated programs (downloadable on the internet) that repeatedly try to guess insecure passwords and take over your account.

The message from these attacks is not that you shouldn't use these services (though you should not use them without thinking about the security implications, and whether or not you really want to put your information in that semi-public location). The real lesson is found in the passwords that were disclosed.

Password security is a myth. Sooner or later some site you use will be hacked, and your password will be stolen. From that time on, unless you can change your password before the hacker gets into your account, they will own your account.

Is there better security than passwords? The short answer is "yes." One way is rarely used, but it is called public key security. Briefly, you would use software to create a pair of cryptographic keys. You keep the private key, and the public key would be uploaded to sites you use (like Yahoo!, LinkedIn, etc.); the two must be used together to gain access. However, most of today's sites and web browsers simply aren't ready for this.

Google has come up with an intermediate approach, called "2 step verification." To use…