letmein

, , ,

My current vocation is that of tech support manager for an ISP. As such, I spend a good portion of my days retrieving or resetting passwords for customers for their email, for FTP access to their websites, for admin access to their hosting control panel…

Frequently, the responses for desired passwords are astounding.

"How about '12345'", I'm asked. Or "just set it to password for now, and I'll change it later", I hear. Neither request gets honored. Nor do requests for "qwerty", "fido", "success", or something like "sept1953", at least not in those forms.

In today's online world, the sanctity of your data and your personal information is often no more secure than the strength of your passwords. Yes, that's plural. A single password for your banking, your news, your email and your computer logon is akin to leaving a key to your front door under the welcome mat and a list of your valuables taped to it.

Why the emphasis on multiple, strong passwords? Suppose, someone whose integrity is somewhat tarnished, or more likely, an automated piece of software written by that person, were to discover that your email password was "letmein." No worries, right? After all, it's only email.

What kind of information could someone get from reading your email? Well, possibly the name of the bank you use. So, armed with your email address, and the password to your email, the obvious next step is to call up the homepage of your bank and attempt to log in with your email address and the compromised password. Would they get in? In too many instances, the answer is yes. And to the sites you pay your utilities on, the lists you subscribe to, the domains you may own or manage, your mortgage company…

For an interesting look at how secure your passwords might be (or might not be), check out the neat little app I found at http://onlinepasswordgenerator.net/test-your-password.php. I have a couple that scored in the 6-7 million year range and, unfortunately, a couple that scored in the 6-7 month range. Test yours and see how you do.

I found this chart extremely englightening:

Most common passwords and the time it would take to brute force them :


  1. password—1 minute, 13 seconds

  2. letmein—2 seconds

  3. 12345678—less than one second

  4. qwerty—less than one second

  5. charlie—2 seconds

  6. monkey—less than one second

  7. 123abc—less than one second



—onlinepasswordgenerator.net


If nothing else, visit their home page the next time you need a password and let their random generator create one for you. Keep your info and your data secure.

Yet to come, a review on various password managers.

ADD COMMENTS
Read More

Using the notepad below

The notepad below, is presented as a convenience for readers of this blog. Feel free to use it for copy / paste purposes, if you see a link you'd like to follow a bit later, or for notes or reminders. Anything at all. Because it is a JavaScript applet, it runs only on your machine. No one else can see your notes and when your session is cleared, your notes will be cleared as well.


On Course

On Course

What constitutes a broken website? Apart from the obvious broken links and "page not found" errors, The Compass includes the following as broken, as well.

  • Stale Content
  • Outdated Information
  • No Contact Method
  • Deprecated Code

For more detailed information on any of the points listed above, please visit http://compasslanding.com.