The false security of a strong password
http://www.nytimes.com/2010/09/05/business/05digi.html <- A Strong Password Isn’t the Strongest Security
We manage tons of passwords across all our personal and business accounts. The rules keep getting worse and worse. The NYT article suggests a password concocted with complex rules - caps, numbers, special characters, no repeating digits or characters, unlike the previous 14, cannot be changed twice in a row, must be 8 characters or more - are less safe than simple dictionary words with proper security policies - account lock out if brute force attacks are detected and disallowing the same password among .01% or more users. I look forward to having simple passwords. Till then, here are my tricks to save my passwords:
LastPass is a free browser plug-in that works across IE, Safari, Chrome, and FireFox to save your account user names and passwords for all your sites. The data is saved on a LastPass server (under a password) so that it is up to date and accessible across all your browsers & personal computers. When you navigate to a site, it will automatically fill in your user name and password. While some browsers have this feature built in, they don’t allow easy editing or sharing of the data across browsers & computers.
1Password is a wonderful iPhone application that allows you to save your password on a mobile phone. A 4 digit unlock code enforced by the application protects the passwords inside. If you have a Macintosh, you can sync the passwords to your Mac and across other devices. With 1Password, you don’t need to save your passwords to a central server to get cross device portability. Unfortunately, the one thing 1Password doesn’t work with is Windows…
