Slashdot is powered by your submissions, so send in your scoop

 



Forgot your password?
typodupeerror

Slashdot videos: Now with more Slashdot!

  • View

  • Discuss

  • Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).

×
Security

+ - People Reuse Passwords. Minimize the Risk.->

Submitted by ergo98
ergo98 (9391) writes "Users reuse passwords, likely to a greater degree than they admit.

It clearly isn't going to change: This story has played out time and time again as password databases are compromised and accounts are exploited. While those attacks get the loudest attention, it seems likely that there are much quieter misuse of credentials by the people who you trust with them. If you used the same password for iTunes or PayPal that you used for some random site, for instance, it seems obvious that the rolls of the dice will yield a compromise at some point. Even if they carefully scrypt your password before putting it in their database, there are zero guarantees that the sites themselves aren't doing other things with it.

So what is the solution? A better input type="password"? OpenId, OpenAuth, or Facebook Connect, putting more eggs in one basket? Two-factor authentication (widely usable now with OATH implementations of HOTP/TOTP in smartphone apps)?

Something needs to improve because the same story keeps playing out."

Link to Original Source
This discussion was created for logged-in users only, but now has been archived. No new comments can be posted.

People Reuse Passwords. Minimize the Risk.

Comments Filter:

"In matters of principle, stand like a rock; in matters of taste, swim with the current." -- Thomas Jefferson

Working...