A good bit by Bruce Schneier about "Real-World Passwords"





Check out this
post
from Schneier on Security:




How good are the passwords people are choosing to protect their
computers and online accounts?


It's a hard question to answer because data is scarce. But recently, a
colleague sent me some spoils from a MySpace phishing attack: 34,000
actual user names and passwords.



(read the whole thing here: Real-World
Passwords
)




 My password philosophy goes like this. I have a standard one that I use
for the majority of sites where I don't care at all if someone gets into
it. Then I have a series of 4, progressively more obscure ones that I
use on how important access control is, with the most impossible to
guess one on my financial accounts.



Reading this makes me wonder if I am not taking this far enough...

Posted on December 14, 2006 and filed under Life.