Security Corner

Oct 30 2015   7:24PM GMT

The biggest password problem is not what you think

Ken Harthun

Tags:
Password policies
Security

We security types love to blame simple, easy-to-guess passwords for all our problems. We come up with ways for people to generate complex, hard-to-guess passwords that are nonetheless easy to remember. We educate, we cajole, sometimes we shout. We chant our mantra: “Long, complex…long, complex…” Many of us don’t even consider that there could be an even bigger problem; in fact, the biggest password problem isn’t the use of weak passwords. It’s the REUSE of ANY password. We should be preaching against the sin of password reuse more than the sin of weak passwords.

According to security researcher Graham Cluley,

…everyone should run a strict “one password, one website” policy. Reusing passwords is playing Russian roulette with your online identity and (potentially) your finances. It’s very common for hackers who have stolen data from one site to then see if they can unlock accounts on other websites using the same credentials.

And you know what? More times than not, it works.

Internet users need to learn that the biggest password problem is not actually dumb, guessable passwords. The biggest password problem is reuse.

I wholeheartedly agree!

Now go and have a great H@110W33n weekend. And don’t forget to turn back your clocks.
