Spina viagra us bifida occurs when the neural tube, a specialized set of buy cheap retin-a online cells that form during the first month of pregnancy, does betnovate online not close properly. If your local pharmacy doesn't have these zyprexa canada options, your doctor or pharmacist might be able to recommend order xalatan a pharmacy that does. They could also point individuals toward compare cialis prices online support groups for emotional support or prescribe painkillers for physical estradiol medicine symptoms. The company says these probiotics can support small and order zyprexa large intestines to promote digestive support and a healthy gut. atenolol online If you need financial support to pay for Nucala or estrace online stores help to understand your insurance coverage, help is available. A cheap nexium from usa person with restless legs syndrome experiences twitchiness and discomfort in purchase t-ject 60 online the legs, usually after going to bed. Scientific evidence suggests that.

Passwords are a nuisance. As a security technology, they have many problems.

1. If they are complicated, or consist of meaningless strings of symbols, we forget them.
2. So we pick strings that are easy to remember, our children’s names or our birthdates. Then either
   1. They are easy for attackers to guess, and aren’t secure at all, or
   2. (As now commonly happens) the site won’t let us use such a simple password, and we have to come up with something stronger.
3. If we try to make passwords easier to remember by using the same password for multiple sites, then the security of the password is only as strong as the security with which the most amateur of those sites protects the password data. So if you are asked to create a password for access to a web site that seems sketchy, don’t use the same password as you use for your financial data, because it could be a scam; the scam artist may be able to figure out your bank or credit card number from a statement you threw out in the trash and may try the password with that account.
4. Because passwords are a nuisance to keep re-entering, single passwords sometimes give access to lots of information that could be split up to increase security.
5. For the same reason, some services don’t log you out after a period of inactivity. This is one of the worst security problems with Facebook. If you forget that you have left yourself logged in and allow someone else to use your computer, even days later, they have access to your profile — and also to all the information that your login enables you to see about your “friends.”
6. Systems with default passwords, so that they work “right out of the box” but advise you to change the password for security reasons, are extremely vulnerable. Anyone who knows the default password, perhaps because they used to work with the supplier or have used the device or system themselves, or can guess it ¬†(“admin” and “0000” are good to try),¬†can break into yours if you take the easy way. Here is a nice story about someone stealing gasoline from a pump that had not had its security code reset by the gas station proprietor.

Personally, I have several passwords, and I try a pyramid approach: A low-security password for a large number of sites that have no information on me worth protecting; a high-security password for a very small number of sites with very valuable information, such as credit card companies and banks; and a couple of layers in between. A lot of people I know seem to use a scheme like this.

But here’s a nice idea used by one fellow I know. He uses an algorithm to combine the name or URL of the web site with some personal information to produce site passwords that are different for every site. To take an overly simple example (he didn’t tell me his exact method), if this site (bitsbook) needed a password, I might append my first name to it, to create the password “bitbookharry”. That would be too simple — you’d need to break up the words, insert some nonalphabetic and capitalized characters, etc. But the basic idea of just having to remember a single algorithm, which you can apply to the URL along with some easily remembered personal information, sounds like a good trick.

But really, we need a different security mechanism (and there are some; perhaps more on that later).

This entry was posted on Thursday, September 11th, 2008 at 9:02 am and is filed under Security. You can follow any responses to this entry through the RSS 2.0 feed. Both comments and pings are currently closed.