BrizBunny

Commentary

Passwords

A lot has been written lately about passwords, and about big hacks on websites that have revealed passwords. I won’t link out to them because the problem isn’t going anywhere and there will be a fresh batch before you know it!

There are a lot of different points of view about what a password should look like and contain. The general consensus is that they should contain upper and lower case, numbers and special characters, and the same password should not be used across all websites. There should be a segregation of passwords across types of website; banking and news site passwords should be very different.

Once you get past signing in to a couple of websites things have got pretty unmanageable, especially as each one has its own rules about what sort of characters you can have in that password. How do you remember which password belongs to which site? Normally this question isn’t answered. The best thing that I have read on the subject is “Password Security: Why the horse battery staple is not correct” – head over and read it, I’ll wait. In that article, Diogo Mónica says that our passwords should be unique and strong, but we should not be trying to remember all of them.

This is a solved problem: we should be using a password manager instead. Put a good strong password on the file and encrypt it, and remember that one password; then no-one except you can get to those passwords. There is usually space to store other details for each sign-on as well, like the email address or mobile number that you used when you created the account. Another good thing about password managers is that they will generate strong passwords for you based on selectable criteria – upper and lower case, spaces, numbers, special characters and length. Once you have tried a password manager you won’t want to go back to the way you are doing it now.
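A sketch of how such a generator can work, as an added example that is not from the original post or from any particular password manager. The function names and class labels are made up for illustration; characters come from the operating system's CSPRNG, and candidates are redrawn until every selected class appears.

```python
import math
import secrets
import string

# Character classes matching the selectable criteria listed above
# (labels are this example's own, not any product's settings).
CLASSES = {
    "upper": string.ascii_uppercase,
    "lower": string.ascii_lowercase,
    "digits": string.digits,
    "special": string.punctuation,
    "space": " ",
}
DEFAULT = ("upper", "lower", "digits", "special")


def generate_password(length=20, use=DEFAULT):
    """Return a random password with at least one character from each selected class."""
    pools = [CLASSES[name] for name in use]
    if not pools:
        raise ValueError("select at least one character class")
    # A space cannot sit at either end, so it needs two extra positions.
    minimum = len(pools) + (2 if "space" in use else 0)
    if length < minimum:
        raise ValueError("length too short for the selected classes")
    alphabet = "".join(pools)
    while True:
        # Draw uniformly from the whole alphabet, then reject candidates that
        # miss a class. This avoids fixing any character's position.
        candidate = "".join(secrets.choice(alphabet) for _ in range(length))
        has_all = all(any(c in pool for c in candidate) for pool in pools)
        # Many sign-up forms trim leading/trailing spaces, so reject those too.
        if has_all and candidate == candidate.strip(" "):
            return candidate


def entropy_bits(length, use=DEFAULT):
    """Upper bound on entropy: length * log2(alphabet size)."""
    alphabet_size = sum(len(CLASSES[name]) for name in use)
    return length * math.log2(alphabet_size)
```
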


There are password managers for all of the operating systems that you are likely to be using, and some integrate into your browser as well. If you are using many devices (computer, laptop, mobile, tablet …), combine the password manager with a free online syncing service like Dropbox (Referral Link, help me earn more free space); then all of your passwords are up to date and available all of the time.


Charity

It is always worth remembering The Golden Rule – “Do to others as you would have them do to you”. Today I had a bit of a jolt as I was reminded that Charity can be scooped up in the same concept. Charity isn’t just about financial giving, but a realisation that another needs help. The Philosophers’ Mail went a little further about charity in relationships:

Charity remembers how there might still be goodness amidst a lot of evil. Charity keeps in mind that if someone is tired and stressed, they are liable to behave appallingly … Charity is interested in mitigating circumstances…

…in life as a whole, and especially in relationships, charity is unlikely ever to end up being one-sided: who is weak and who is powerful changes rapidly and frequently. You are likely to be, as it were, a patron in one area and a beggar in another. So we must be kind not only because we are touched by the suffering of others but because we properly understand that we too will soon be in urgent need of an equally vital dose of charity in some other part of life.
The Philosophers’ Mail – Why you need to learn a little charity.

Charity is about giving and receiving, and understanding.


Privacy

In "Do You Really Know What Your Kids Do Online and In Games" Pete Brown tells of the real world consequences of online activities.

Two boys had complete freedom in their online activities and gaming; something we have all heard about on early evening "current affairs" type programs. But, unlike their normal response, Pete doesn’t decry the harshness of the penalty, and tell us how unjust the treatment of the boys is. The post is packed full of useful security and privacy tips, and decides that all the rules that used to be applied to "real" life (don’t get into cars with strangers, don’t tell everyone you are going on holiday) apply to online life as well. Though my favourite is:

Each and every piece of information you post on line, no matter how small, should be evaluated:

  • Could this information cause harm to anyone else if it got out?
  • If the wrong people saw this, could it cause me harm?
  • Am I sharing information that is private to someone else?
  • Is it my secret to share?

Source: Pete Brown’s 10rem.net

Good work Pete, thanks for the big dose of common sense!


Martin Luther King Day 2013

It seems that last week’s post on Inaction was just setting the scene for this post. Today is Martin Luther King Day in the US.

“Our lives begin to end the day we become silent about things that matter.”

Dr King was talking about segregation and racial oppression in the 1960s, but this still holds true today. History is full of immoral acts that were allowed to continue unchecked because of silence and inaction.

“He who passively accepts evil is as much involved in it as he who helps to perpetrate it. He who accepts evil without protesting against it is really cooperating with it.”


Popular PINs

Have you ever wondered how secure your Credit Card or EFTPOS PIN is? Well, the clever folk at DataGenetics have worked out the most and least popular Personal Identifying Numbers; see if you are on the list.

Out of 10,000 possible combinations (0000-9999), the top 3 most “popular” PINs (1234, 1111, and 0000) account for almost 20% of PINs used! So with your normal three-guesses-and-it-swallows-the-card Teller Machine, there is a one-in-five chance of “guessing” the right number. Other popular choices are years (19xx) and day and month combinations (ddmm, mmdd), which are probably easy to guess if you know the person.
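The patterns above can be turned into a check that a PIN-setting screen runs before accepting a new PIN. This is an added example, not code from the post or from DataGenetics; the function names and reason labels are made up for illustration, and only the patterns the post names are covered.

```python
from datetime import date

# The three most popular PINs named in the post.
TOP_PINS = {"1234", "1111", "0000"}


def _is_day_month(day, month):
    """True if day/month is a real calendar date (leap year 2000, so 29 Feb counts)."""
    try:
        date(2000, month, day)
        return True
    except ValueError:
        return False


def pin_weaknesses(pin):
    """Return the reasons a 4-digit PIN is easy to guess; an empty list means none found."""
    if len(pin) != 4 or not (pin.isascii() and pin.isdigit()):
        raise ValueError("PIN must be exactly four digits")
    reasons = []
    if pin in TOP_PINS:
        reasons.append("top-3 PIN")
    if pin.startswith("19"):
        reasons.append("year 19xx")
    first, second = int(pin[:2]), int(pin[2:])
    if _is_day_month(first, second):
        reasons.append("ddmm date")
    if _is_day_month(second, first):
        reasons.append("mmdd date")
    return reasons


def accept_pin(pin):
    """Policy decision for a PIN-change form: reject anything flagged above."""
    return not pin_weaknesses(pin)
```

A form using this would call `accept_pin` and show the reasons from `pin_weaknesses` when it refuses, so the user knows why to pick something else.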
