Comments on: Password Security Insights

By: F. Andy Seidl

F. Andy Seidl — Mon, 23 Mar 2009 16:46:05 +0000

I've been advocating for strong password use both within my company and with our clients for years, but its surprising how many people use the same simple password everywhere.

I wrote more about that, and about some tips for avoiding common password management headaches, here:

The Danger of Strong Passwords that are Easy-to-remember
http://faseidl.com/public/item/229130

By: Scooter

Scooter — Tue, 10 Feb 2009 18:58:56 +0000

My password if ******* and bet no one else has that.

How about 123456 that's the kinda combo an idiot has on his luggage.

By: burexas.irom

burexas.irom — Tue, 10 Feb 2009 11:41:30 +0000

I'm surprised that the passwords "secret" and "sex" from the movie Hackers didn't have a noticeable percentage. That movie was hilarious.

By: Skipweasel

Skipweasel — Tue, 10 Feb 2009 11:32:03 +0000

Oh, and if you're going to use a password generator for really Sdfg£$7£$%sbkA sort of passwords for routers and the like - write it carefully on the bottom in indelible pen.

By: p³

p³ — Tue, 10 Feb 2009 09:35:53 +0000

"159357" will be popular among lefties."
I wonder how lefties reach for the numeric keypad...

By: Skipweasel

Skipweasel — Tue, 10 Feb 2009 09:26:26 +0000

For secure passwords I sometimes use license plate numbers from cars we had when I was a kid. Most men can remember the plates from when they were not much older than toddlers - alphanumeric, non-obvious, and unless someone's very clever, impossible to guess.

By: nicleT

nicleT — Tue, 10 Feb 2009 06:05:00 +0000

I personally set very complicated passwords and store them in a utility called 1Password.

By: Justin

Justin — Tue, 10 Feb 2009 04:40:45 +0000

yeah I agree with everyone here. For important stuff like my school e-mail, I use a more complex password. However for most websites like this one I just use an easy to remember password.

I am curious to know the passwords people choose for their primary e-mail. That would be a true test of how secure they make their password.

But honestly, why should we feel the need to create complex and unique alpha-numeric passwords for neatorama? If someone wants to hack my account and post as Justin I really wouldn't care and probably wouldn't even notice.

By: CheeseDuck

CheeseDuck — Tue, 10 Feb 2009 02:21:04 +0000

I agree
I personally use my first name for a variety of sites that require passwords, but I do not really care about the security of.

By: Edward

Edward — Tue, 10 Feb 2009 02:09:55 +0000

Willwesmck is correct. Everyone on the Internet needs three passwords. A simple one for sites that don't really matter, a strong one for sites that do, and a really complex one that changes every month for sites that handle money.

By: willwesmck

willwesmck — Tue, 10 Feb 2009 00:36:23 +0000

Just an observation:
Maybe the reason why people don't use strong passwords for websites like phpBB and Myspace is because they frankly do not care. When every site requires a password, people usually choose a simple easy to remember password for websites like these, and choose to keep their strong passwords for banking websites and the sort. The sites obviously have security holes, so I wouldn't use a serious password.