Gave me some thoughts about security. Some meaningful thoughts that resulted in actions. It’s like locking your bike- it will not stop anybody but it will prevent the less encouraged…
Interesting post by Willard Foxton on password security, describing how the 2009 hacking of the RockYou gaming website started a cascade of website cracking – all too easy in an era where “cryptographic feats that were the stuff of legend in the Second World War” can now “be done on your iPhone”.
Foxton summarises “current best advice” on password security as follows:
The current best advice is to have passwords composed of 20 characters, with no real words, and your gobbledegook has to include upper and lower case letters, symbols, numbers and punctuation, all randomly scattered through the word. On top of that, you need to have a different password for every site you use and change your password for all of them every three months.
I think it’s safe to say that a system whose “best practice” amounts to that is a system that is irretrievably broken.
Skatīt ziņu 317 more words