Archive for April 2010
Password Security Part III
In the previous articles, I wrote about how you can create a pretty secure password. In this post I would like to focus on how you take a strong password and weaken it.
One of the most common ways of taking all of the power out of a secure password is to share it. And worse, we write the passwords down. “Sure, you can access my computer for a few minutes, the password is plUf123. Here, let me write that down for you.” Or, “if you need the password, I write it on the back of the November calendar on my desk.”
While you may trust the people you share the password with, what is going to prevent them from sharing your password with someone else? If it is written down, what is going to prevent someone from finding it?
I worked with a person who wrote all of her passwords on a piece of paper on her desk. Her rationale was that someone looking at the list wouldn’t be able to match the passwords with the accounts. One day I had to fix something on her computer and she was out of the office. I found her piece of paper, looked at the list, picked a password, and entered it. It worked and I had complete access to her files. Fortunately, my ethics prevented me from doing more than fixing the issue on her system. I told her what I had done and she never kept passwords on paper afterwards.
Another way to weaken passwords is to use them for everything. If I was able to guess your password for your computer, I am certainly going to look at your browser history and see what else you accessed. Bank account – let’s try the same password. Credit card – let’s try the same password. Once you find the chink in the armor….