Submission + - How do you handle passwords? (pcworld.com)
BeanBagKing writes: 1) Complex password requirements
2) Don’t write down your password!
3) 1+2 = Password reuse
4) One site, out of every one that stores your password, gets hacked.
Your user name and password are now on the loose, do you even know it? Even if you did, do you start memorizing a new one and changing every password you can find?
It seems that every website these days requires an increasingly complex password, usually indicated by some kind of password strength-o-meter, when you sign up. Combined with those of us growing up in the digital age being told to never write down passwords only seems to leave us more vulnerable as we reuse banking passwords for Slashdot (or worse, that naughty site you visit). Not only is it your password, but it's generally your user name too. The only work left for someone is to try the combination on every major banking site.
The safest thing would be a different user name and password for every site, but realistically that's not going to happen. How do you handle this? Do you reuse your passwords and just take your chances? Do you write them down, or store them in a file somewhere? Is there really a safe way to use passwords these days? I'd like to know how Slashdot handles password and account safety.
http://xkcd.com/792/
2) Don’t write down your password!
3) 1+2 = Password reuse
4) One site, out of every one that stores your password, gets hacked.
Your user name and password are now on the loose, do you even know it? Even if you did, do you start memorizing a new one and changing every password you can find?
It seems that every website these days requires an increasingly complex password, usually indicated by some kind of password strength-o-meter, when you sign up. Combined with those of us growing up in the digital age being told to never write down passwords only seems to leave us more vulnerable as we reuse banking passwords for Slashdot (or worse, that naughty site you visit). Not only is it your password, but it's generally your user name too. The only work left for someone is to try the combination on every major banking site.
The safest thing would be a different user name and password for every site, but realistically that's not going to happen. How do you handle this? Do you reuse your passwords and just take your chances? Do you write them down, or store them in a file somewhere? Is there really a safe way to use passwords these days? I'd like to know how Slashdot handles password and account safety.
http://xkcd.com/792/