What’s your P@ssw0rd?

1 Comment

I know I’m a little late to the party, but recently I’ve been giving more and more thought to the passwords I use to access the various sites and tools I use on a day to day basis. The main reason I started thinking about this is because of Google’s introduction of the 2-step verification process and a recent article in Wired in which Google has declared ‘war’ on the Password.

Now what does this have to do with encryption solutions you might ask? Quite a lot actually. Especially when you consider the primary method of authentication for nearly all encryption solutions is a user generated password. Of course, it’s also entirely possible to enable multi-factor authentication with encryption solutions leveraging things such as password and tokens such as smartcards, fingerprint readers and so on.

But let’s face it, most people use a password. So the question that begs asking is what constitutes a good password?. The best advice I was ever given regarding password strength was to create a phrase and avoid all the usual pitfalls of personal info like pet names etc. A really good summary of best practices can be found in this ‘Ultimate Guide for Creating Strong Passwords.’

I have personally been hacked once on some personal accounts as a result of a poor password. I rectified the situation pretty quickly but didn’t think much of it. More recently with the various news reports about ID theft and phishing scams, I’ve come to the realization that good password practices are a critical piece of protecting your information and identity – with or without encryption. The access to your information is only as good as the strength of your password.

If you’ll excuse me, I’m going to go and double-check my password quality on all my accounts now and make sure I didn’t use ‘p@ssw0rd’ or any other such nonsense.

Previous Post
The Cost of Data Loss
Next Post
Encryption solutions & Pre-Boot Network-based Authentication

Related Posts

Revisiting the TPM

TPMs have been shipping for nearly 8 years now.  WinMagic was an early adopter and supported TPM version 1.1 for full disk encryption before most.  We expanded our support to the more main stream version 1.2 TPMs when they started…
When virtual environments get too heavy

When Virtual Environments Get Too Heavy

As an encryption security vendor that is working its way into Mobile Device Management (MDM), I’m fascinated and constantly looking at new ways to secure mobile devices and company information. As someone with a background in virtualized environments, I’m even…
Read more

What kind of encryption is best for you?

There are plenty of ways to secure data and all have pretty acronyms: Full Disk Encryption (FDE), File and Folder Encryption (FFE), Removable Media Encryption (RME) and so on. These three are the ‘meat’ of any good encryption solution. The…
Read more

Securing the Cloud

Recently it was revealed that Oregon Health & Science University (OSHU) staff were storing patient data in a cloud storage solution – namely, Google Drive. What’s the big deal? It’s Google, it has to be secure right? (more…)
Read more

1 Comment. Leave new

Leave a Reply

Your email address will not be published. Required fields are marked *

Fill out this field
Fill out this field
Please enter a valid email address.

Menu