Sunday, October 07, 2018

The Daily - Sunday, October 7, 2018 (AM)

SHORT RUN BETTER THAN NO RUN

This morning's jog was short (less than a mile) and that's OK. At least I was able to get out there and log some time on the road. This, of course, does not preclude a longer run later this afternoon or evening. Or perhaps I will use mowing the lawn as my cardio for today. Or maybe I will do both. Let's see what the energy level is as the day progresses.

USE A PASSWORD MANAGER!

In several of the security-related podcasts I listen to there have been in-depth analysis of the state of password security and why it is impossible for humans to produce (much less remember) hundreds of random-character passwords that are safe to use. The only solution: use a password manager. I have been using an old password manager called PINs. Although it is an older Windows-based program, I have been able to successfully run it under Linux. If you have an older system and you want a fast and low-resource password manager, then PINs maybe a good choice for you. I have been able to run it from a USB drive for years, although this has been curtailed as many environments no longer allow USB devices to connect to their machines.

Another password manager I think is worth considering is Keepass. This application is free, open source, and runs in Windows, Linux, Mac OS X, Android, iOS, and other platforms.

Many security experts recommend Lastpass as one of the best password managers. The fact that you can have one account and all your passwords are accessible anywhere you log in (home, work, smartphone, tablet, etc.) is a great feature.

In the past, security experts had recommended using a root part of a password with a variable portion to make passwords easier to remember. For example, you could use something like "Mypass" + "Face" + "99" to make up a password for Facebook. Hackers have figured this scheme out and, experts indicate, using this makes it easier for a hacker to break into other accounts once they have one of your passwords.

The best approach:use a password manager and generate random-character passwords for each site/application, and make each password at least 16 characters long. Passwords should contain upper and lower cases, numbers, and special characters. Just as important: change your critical account passwords every three to six months. A password manager can alert you when a password needs to be updated. All websites allow you to change your password as long as you can provide your current password. Changing your passwords regularly prevents hackers from breaking into your accounts using old lists of hacked passwords that are readily available for sale.

No comments: