Ted Demopoulos
Ted lives in Durham, New Hampshire, USA, with his wife Margaret, children Jamie, Amelia, Anastasia, and dog Tyler. He consults and gives keynotes on Technology, Security, and Business. He loves flyfishing, ham radio, and great food and wine.

PINs/usernames, passwords - reusing and remembering

The average person simply has too many PINs/usernames and passwords to remember today!

It's OK to reuse a name and password multiple times for low-security sites, such as bulletin boards, newspaper sites, etc. Yes, I know some people say never to do this, but they are both wrong and not practical.

When security is critical, like on banking and brokerage sites, use unique PINs/usernames and passwords. Passwords really need to be words NOT in the dictionary, and preferably long and random.

Most people can't remember long random passwords - it's OK to WRITE THEM DOWN. Store them in your wallet or purse and treat them like cash. Do not write down detailed directions like "to access account soandso, go to www.bank.com and use the PIN myname and password longrandompassword." Just write down as little as possible - something you'll easily understand that most others won't, and keep it secure. NO STICKIES with details on the monitor please!!

What does "3xran-1hair" mean?
Answer: nothing to you, but to me it describes a complex password very well.

There are some interesting schemes for remembering (and generating) passwords. One person, a car buff, uses his last three license plates concatenated together. I don’t even remember my current license plate, but it works for him.

Using the first letter (or second or third) of each word in a well-known phrase can work well. "Iwraranaped" (from the song "I want to rock and roll all night and party every day") is easy to remember, and could be improved by adding one or more non-alphanumeric characters. How about: "IwRaRanaped!!!"?
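The letter-of-each-word scheme above, written out as an added example that is not part of the original post. It also covers the "second or third letter" variant and checks the result against the post's own criteria. The function names, the `skip` and `upper` parameters and the small word list are assumptions made for the illustration.

```python
import string

# The lyric quoted in the post; WORDS is a constructed sample word list.
LYRIC = "I want to rock and roll all night and party every day"
WORDS = {"password", "party", "night", "rock"}


def mnemonic(phrase, position=1, skip=(), upper=(), suffix=""):
    """Build a password from the letter at `position` (1-based) of each word.

    Words in `skip` are left out, words in `upper` contribute a capital,
    and a word shorter than `position` contributes its last letter.
    """
    out = []
    for word in phrase.split():
        letters = [c for c in word if c.isalpha()]
        key = "".join(letters).lower()
        if not letters or key in skip:
            continue
        ch = letters[min(position, len(letters)) - 1]
        out.append(ch.upper() if key in upper else ch)
    return "".join(out) + suffix


def check(password, wordlist):
    """Report length, character mix, and whether the password is only a
    dictionary word with digits or punctuation stuck on the ends."""
    found = {
        "lower": any(c.islower() for c in password),
        "upper": any(c.isupper() for c in password),
        "digit": any(c.isdigit() for c in password),
        "symbol": any(c in string.punctuation for c in password),
    }
    core = password.strip(string.punctuation + string.digits).lower()
    return {
        "length": len(password),
        "classes": sorted(name for name, hit in found.items() if hit),
        "dictionary_word": core in wordlist,
    }


if __name__ == "__main__":
    # The post's two passwords drop the word "to" from the lyric.
    basic = mnemonic(LYRIC, skip={"to"})
    better = mnemonic(LYRIC, skip={"to"}, upper={"rock", "roll"}, suffix="!!!")
    for pw in (basic, better, "password1!"):
        print(pw, check(pw, WORDS))
```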

You simply cannot have unique user/PIN/passwords for everything and remember them: It's impossible!! Forget unique, even the remembering part is tough.

Most Internet users have been targeted by criminal phishing emails, yet less than one third have any idea what phishing is, and only 3.5% have changed their habits due to the threat of phishing!

Risks include Identity Theft, Credit Card fraud, and more.
