Comments on: Pick Passwords That Protect You Online http://freshid.com/pick-passwords-that-protect-you Tue, 24 Aug 2010 04:04:12 +0000 hourly 1 http://wordpress.org/?v=3.0.1 By: Tracy Earles http://freshid.com/pick-passwords-that-protect-you/comment-page-1#comment-248 Tracy Earles Wed, 25 Feb 2009 16:15:20 +0000 http://design-for-users.com/?p=183#comment-248 I currently use Keychain, which is part of Mac OS X, and like it. I have used KeePass in the past, which is comparable. I always had a concern about KeePass, even when I was using it, because it was open source. Not that I have anything against open source, per se, but I always had a small, niggling concern about whether someone had put a backdoor in it. I suppose some miscreant at Apple could have done the same with Keychain, however. For that matter, that could be true of any password management application, so the only truly safe method is to memorize passwords. Unfortunately, my head is too filled with other crap for this to be an effective strategy for me. I currently use Keychain, which is part of Mac OS X, and like it.

I have used KeePass in the past, which is comparable. I always had a concern about KeePass, even when I was using it, because it was open source. Not that I have anything against open source, per se, but I always had a small, niggling concern about whether someone had put a backdoor in it.

I suppose some miscreant at Apple could have done the same with Keychain, however. For that matter, that could be true of any password management application, so the only truly safe method is to memorize passwords. Unfortunately, my head is too filled with other crap for this to be an effective strategy for me.

]]> By: Kristi http://freshid.com/pick-passwords-that-protect-you/comment-page-1#comment-242 Kristi Tue, 03 Feb 2009 22:38:56 +0000 http://design-for-users.com/?p=183#comment-242 Thanks for this bit of info Chris. You know, though I have worked with security firms (and black hats/white hats) I don't like to get into that kind of technical detail and don't want to have to worry about it, just like most users. But we SHOULD know more, to protect ourselves. There were some folks that had to deal with hours of cleanup, unfollowing and refollowing people, not to mention the explanations. We have to help ourselves by becoming more educated, if we're going to play online. Thanks for this bit of info Chris. You know, though I have worked with security firms (and black hats/white hats) I don’t like to get into that kind of technical detail and don’t want to have to worry about it, just like most users. But we SHOULD know more, to protect ourselves. There were some folks that had to deal with hours of cleanup, unfollowing and refollowing people, not to mention the explanations. We have to help ourselves by becoming more educated, if we’re going to play online.

]]> By: Chris Larson http://freshid.com/pick-passwords-that-protect-you/comment-page-1#comment-243 Chris Larson Tue, 03 Feb 2009 22:33:29 +0000 http://design-for-users.com/?p=183#comment-243 Hackers are just like other people - some are stoopid others are brilliant. Some are ethically challenged, while others identify problems and get software companies to fix them. A dictionary attack against Twitter is probably one of the easier ones to perform. Without going into the details, the Twitter API itself can be used to hack an account with very little specialized knowledge. This is not the action of a hacker, but rather someone better known as a "ScriptKiddie" - one of those aspiring malcontents on the internet learning to hack the world for fun and prestige. Sadly, that kind of hacking is rewarded by the wonderful accomplishment of having the Secret Service knocking down your door - it is a crime that crosses state lines and unauthorized utilization of a service that results in an actual cost (even if it is only a fraction of a penny). If a whole bunch of them do the same thing at the same time, woohoo! Here comes the FBI! Congratulations! You just became involved in racketeering! However, a true hacker - and I mean the ones that test for security vulnerabilities so that they can be corrected or software can be improved - their names are sorely tarnished by these activities. Hackers are just like other people – some are stoopid others are brilliant. Some are ethically challenged, while others identify problems and get software companies to fix them.

A dictionary attack against Twitter is probably one of the easier ones to perform. Without going into the details, the Twitter API itself can be used to hack an account with very little specialized knowledge. This is not the action of a hacker, but rather someone better known as a “ScriptKiddie” – one of those aspiring malcontents on the internet learning to hack the world for fun and prestige.

Sadly, that kind of hacking is rewarded by the wonderful accomplishment of having the Secret Service knocking down your door – it is a crime that crosses state lines and unauthorized utilization of a service that results in an actual cost (even if it is only a fraction of a penny). If a whole bunch of them do the same thing at the same time, woohoo! Here comes the FBI! Congratulations! You just became involved in racketeering!

However, a true hacker – and I mean the ones that test for security vulnerabilities so that they can be corrected or software can be improved – their names are sorely tarnished by these activities.

]]> By: Will Buckley http://freshid.com/pick-passwords-that-protect-you/comment-page-1#comment-244 Will Buckley Sun, 01 Feb 2009 23:09:50 +0000 http://design-for-users.com/?p=183#comment-244 Call me lazy but I have been using roboform for a few years and like it. I do get lazy sometimes but never use a real word as a password. I did have someone hack my computer a few years ago. lucky I caught them and smacked them down. You can never be too careful. Call me lazy but I have been using roboform for a few years and like it. I do get lazy sometimes but never use a real word as a password.

I did have someone hack my computer a few years ago. lucky I caught them and smacked them down. You can never be too careful.

]]> By: Billee D. http://freshid.com/pick-passwords-that-protect-you/comment-page-1#comment-245 Billee D. Sat, 31 Jan 2009 14:40:48 +0000 http://design-for-users.com/?p=183#comment-245 I recently started using something called Yojimbo by Bare Bones Software to store passwords. It's kind of like an electronic junk drawer/filing cabinet, where you can store just about anything. The product even has a dedicated password entry type and the passwords are stored with 128 bit encryption. It is very easy to use and quickly fits into the Mac workflow (BTW: it's Mac-only -- sorry Windows users). I recently started using something called Yojimbo by Bare Bones Software to store passwords. It’s kind of like an electronic junk drawer/filing cabinet, where you can store just about anything. The product even has a dedicated password entry type and the passwords are stored with 128 bit encryption. It is very easy to use and quickly fits into the Mac workflow (BTW: it’s Mac-only — sorry Windows users).

]]> By: Connie Baum http://freshid.com/pick-passwords-that-protect-you/comment-page-1#comment-247 Connie Baum Thu, 22 Jan 2009 22:01:00 +0000 http://design-for-users.com/?p=183#comment-247 This site is chock full of great information...thanks to Twitter and your following me I have found you! Thanks a bunch! Consider yourself hugged! Connie Baum http://motherconniesez.blogspot.com This site is chock full of great information…thanks to Twitter and your following me I have found you! Thanks a bunch!

Consider yourself hugged!

Connie Baum
http://motherconniesez.blogspot.com

]]> By: Mark Evans http://freshid.com/pick-passwords-that-protect-you/comment-page-1#comment-246 Mark Evans Sat, 10 Jan 2009 19:37:05 +0000 http://design-for-users.com/?p=183#comment-246 I'm a big fan of 1Password. Good to see it get some attention! I’m a big fan of 1Password. Good to see it get some attention!

]]>