Like most of you, I use the same password too often on too many sites.
I DO take care to use complicated passwords (combination of upper/lower case, numbers, symbols, and long strings) for my crucially important sites such as financial information.
Luckily I have an almost RainMan-like ability to remember these strings (on the flip side, I’m the world’s WORST at remembering names!). For all my social networking accounts, and anything else that requires a password, I have 6 or 7 pat password strings that I rotate from time to time, and every once in a while, I’ll introduce a new one. I change these randomly.
I thought that was pretty good.
It’s not.
This month’s WIRED MAGAZINE article : Kill the Password: Why a String of Characters Can’t Protect Us Anymore has upset my veil of security.
I suggest you take the time to read this excellent article right now. It should scare you. It did me.
Luckily, it comes with some common-sense ideas for making things tougher for the bad guys, although, in general, it makes a great case for getting rid of the paradigm of password-use altogether.
Have a great weekend!
CourVO