Password Madness

Passwords are such a week security mechanism. It is so typical for people to use one or two passwords for every online account they have. If someone gets that password (perhaps a sysadmin at a web site that you use) they could use it to open all kinds of doors.

Having recognized that, I am not a big fan of web sites that try to prevent that. Today I was reviewing an account I have with GMAC Finance. They require a password with two numeric characters. I cannot imagine anything with two numbers that I can easily remember. Especially at a sit that I visit infrequently.

However, I can top that. Ministry’s Retirement Savings vendor, Diversified Investment Advisors, requires an 8 character user name. What is the sense in that? I can see an 8 character password, but the user name is the part that should be really easy to remember.

In the hospitals we have hundreds of applications. Buying products that plug into our Active Directory authentication scheme is being more and more critical. When you ask your users to remember a lot of complex passwords that change frequently will result in people writing down passwords in places they can find them.

7 thoughts on “Password Madness

  1. Password provide us a way of security still not the complete assurance of safety.But we are using them till we will not get some other way which is more secured than the passwords.

  2. SSO — would be nice. So, now there will be a single point of entry/failure. While, I don’t believe that is completely ready SSO with biometrics entry would eliminate the password.

  3. for a number in personal passwords, I often choose the number of the house I grew up in— easy for me to remember, but would require some concerted effort for someone else to acquire

  4. It is just insane the number and variety of passwords and login names I have. Some sites require passwords of 6 characters, some 8, some must have at least one numeric. Some sites want you to use your email address for the user login. I can never remember which login ID/password I used. If they would just give you a CLUE.
    Password is 6 characters, Password is 8 characters plus number… etc!

  5. Since posting this I have found a new online tool for managing passwords. Check-out http://www.clipperz.com/

    It stores all of your passwords online (encrypted). It also has a cool way of storing the page address and the user name and password so you can logon with a single click.

    I prefer this over a program that locall stores my passwords because I use a lot of different computer.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s