July 6, 2006

key to the kingdom!

Simple advice for more sensible password use: "The most obvious solution to this hassle is simply to choose one password and to use it everywhere. Indeed, a survey conducted during April 2006 by Sophos reveals that 41% of respondents do just that. Additionally, 75% of the respondents to a separate part of the survey admitted to the use of weak, easy-to-guess passwords. Presumably this means that 31% of users (75% of 41%) have no accounts at all with satisfactory passwords."

As developers, we often don't realize that the passwords we handle for the users of our system are the key to their kingdom. The minute someone cracks my system, i.e. gets access to user and password information on a system under my watch, the cracker most likely now has access to several other sites with that same info, because the users most likely use one password for all the sites they deal with. It's a big responsibility to store passwords, and it's also a big responsibility to provide password-management functionality, such as a "forgot your password" function.
