Here's what I’m reading this week:
- How secure is your password?: There are few concepts in security today as reviled as the password — and with good reason. Passwords today seem optimally designed for people to forget them, for users to write them down where they can be stolen or reuse them so a single breach exposes multiple systems, and for brute-force cracking systems to break them open. Much of the talk today is about how to "end" the password by moving us to new security technologies. But the password isn't going away any time soon and, in the interim, the question of what constitutes a "strong" password that you can nevertheless remember is essential. A recent piece in The New York Times brings the scientific method to bear to analyze the relative strengths of passwords and debunk many of our flawed assumptions. If you have time, take their quiz on password strength (available here). In the meantime, here's a question to leave you with: Which password is more secure: "thefirstkiss" or "1qaz2wsx3edc"?
I'm reading: "You added ‘!’ or ‘1’ to your password, thinking this made it strong. Science says no."