 |
RE: [RC] Whats New with SERA - password safety - Mike SofenI would discount the notion of changing your passwords frequently. Here's why: changing only protects you if your password has been compromised. If you use online banking, you'll know it pretty quickly because your account is empty. Otherwise, there's not much happening. If you allow an ecommerce site (like Amazon) to store your credit card info and someone hacks your Amazon password then they could go shopping with your money. Routinely changing your password doesn't decrease the chances of it being compromised, it only decreases your potential exposure once it HAS been compromised...if you use a weak password and a site is hacked you WILL be a victim. However, all bank and legit ecommerce sites have hacker detection software running and monitor for multiple failed attempts to login. For the most part, these sites are quite safe. Not so well known are the internal security flaws that would allow a senior software engineer to swipe a bunch of credit card data from the company and sell it...that's happened quite a few times. Again, the legit sites have internal controls that largely prevent this from happening. Create 2 complex passwords and alternate them perhaps yearly. Anything else, in my opinion, is statistically irrelevant. Mike Sofen -----Original Message----- From: ridecamp-owner@xxxxxxxxxxxxxxxxx [mailto:ridecamp-owner@xxxxxxxxxxxxxxxxx]On Behalf Of Truman Prevatt Sent: Sunday, February 08, 2004 8:21 AM To: Ed & Wendy Hauser Cc: David LeBlanc; 'Ride Camp' Subject: Re: [RC] Whats New with SERA Use random patterns. Don't use the same password in multiple places. Use upper and lower case if they are case sensitive. Use alpha-numeric. Don't use anything that is related to you - like your name. Don't reuse the same password. And change your password often. By doing all the things that make it difficult for you to remember your own password - you make it more secure! Truman Ed & Wendy Hauser wrote: "and user-chosen passwords tend to be very weak. There's a serious risk here even if your system isn't compromised. This is why I think the advice to:" Could you give us some advice as to how to choose passwords that are hard to guess? I have heard that while: "horsesandmules" would be weak because all the words are in a dictionary "selumdnasesroh" would be better and "selumdna7sesroh" even better it may even be easy to remember if you owned 7 horses and mules. Ed Ed & Wendy Hauser 2994 Mittower Road Victor, MT 59875 ranch@xxxxxxxxxxx 406.642.6490 =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Ridecamp is a service of Endurance Net, http://www.endurance.net. Information, Policy, Disclaimer: http://www.endurance.net/Ridecamp Subscribe/Unsubscribe http://www.endurance.net/ridecamp/logon.asp Ride Long and Ride Safe!! =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Ridecamp is a service of Endurance Net, http://www.endurance.net. Information, Policy, Disclaimer: http://www.endurance.net/Ridecamp Subscribe/Unsubscribe http://www.endurance.net/ridecamp/logon.asp Ride Long and Ride Safe!! =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
|