Security Corner

Jul 18 2010   4:21PM GMT

I Just Scored 65.1% on the LastPass Security Challenge

Ken Harthun Ken Harthun Profile: Ken Harthun

Last week, I posted the results of my first LastPass Security Challenge where I scored 55.7%. I was a bit shocked that my security was lacking and vowed to fix it:

You can bet that I’m going to be hard at work fixing these issues and I’ll take the challenge again and again until I’m satisfied with the score. I plan to address one issue at a time to see how it affects the score. As I complete each stage, I’ll post the results here along with an explanation of what I did.

The first thing I did was address the duplicate password issue on 48 sites. On those sites, the password was actually quite strong at 10 characters long, but the number of duplicates lowered the overall password strength rating to under 5%. On each of the sites, I used the LastPass secure password generator with options set to use 10 characters consisting of upper and lower case letters and numerals (this passes my password meter test with a rating of “Strong”). Here are the highlights:

  • Top strength rating for passwords is 100% – my average is 58.9% Still way too low.
  • 20 unique passwords are used on more than one site – a definite no-no.
  • 141 sites are using duplicate passwords – some of these are OK, but poor practice.
  • 42 of my passwords score below 50% strength rating.
  • Average password length is 8.4 characters – slightly improved.

Will I ever get a 100% rating? Probably not, since there are sites I have stored in LastPass that I don’t consider important enough to devote any time to securing (news sites, blog comments, and the like). But I do intend to keep working on this until I get the highest rating I can attain without unnecessary effort.

You have to be a LastPass user to take the security challenge, but if you are, give it a try and see if you can beat my score! https://lastpass.com/?securitychallenge=1.

Stay tuned.

 Comment on this Post

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: