gfxgfx
 
Please login or register.

Login with username, password and session length
 
gfx gfx
gfx
76793 Posts in 13502 Topics by 1651 Members - Latest Member: Arnold99 October 04, 2024, 08:52:48 pm
*
gfx*gfx
gfx
WinMX World :: Forum  |  Discussion  |  WinMx World News  |  Password tips
gfx
gfxgfx
 

Author Topic: Password tips  (Read 1932 times)

0 Members and 1 Guest are viewing this topic.

Password tips
« on: October 19, 2012, 01:17:59 am »
Quote
We – the users – are supposed to be responsible, and are told what to do to stay secure. For example: “Don’t use the same password on different sites.” “Use strong passwords.” “Give good answers to security questions.” But here’s the troublesome equation:

    more services used = more passwords needed = more user pain

… which means it only gets harder and harder to follow such advice. Why? Because security and practicality are in conflict.

Markus Jakobsson

A security researcher, Dr. Markus Jakobsson is one of the main contributors to the understanding of phishing and crimeware. He holds over 50 patents and 100+ pending patents; is a co-founder of four startups spanning user authentication, mobile malware detection, and secure user messaging; and has published a collection of books. Jakobsson is Principal Scientist of Consumer Security at PayPal.

But they don’t have to be. As someone who has studied millions of passwords and how they were constructed – I’ve spent most of my waking hours for over a decade obsessing about authentication methods – I say we can have both security and practicality.

And it starts with recognizing that a lot of security advice hurts more than it helps...
...One common suggestion is taking a word, let’s say “Elvis”, and replacing letters with digits to get “3lv1s”. While this makes a password memorable – presuming we won’t forget Elvis – it doesn’t make it that much more secure. Because everybody makes changes just like that....
...So how do we select strong and memorable passwords? Here’s how: Think of a story, something weird and memorable that happened to you. Like that time you went jogging and stepped on a rat (ugh). Your password? “JogStepRat”: Your personal story boiled down to three words. If this really happened to you, you won’t forget. And no one else can guess it – unless you’ve told everyone that story, but then you’d just pick another, more embarrassing source story you’d never share!

This approach isn’t just conjecture: It works. It’s been tested at a large scale, and this type of password has twice the bit security of an average password. I kid you not.

http://www.wired.com/opinion/2012/10/passwords-and-hackers-security-and-practicality/

WinMX World :: Forum  |  Discussion  |  WinMx World News  |  Password tips
 

gfxgfx
gfx
©2005-2024 WinMXWorld.com. All Rights Reserved.
SMF 2.0.19 | SMF © 2021, Simple Machines | Terms and Policies
Page created in 0.015 seconds with 23 queries.
Helios Multi © Bloc
gfx
Powered by MySQL Powered by PHP Valid XHTML 1.0! Valid CSS!