Tags Internet
From our company guidelines, and hopefully from elsewhere, we all know what is a *good* password. Mixture of cAseS, numbers, some of it random... two words divided by numbers, like4512this, etc, etc...

So why THE HELL are those stupid password reminders are used on big sites ?? Let's see, password is: xMore45supeRFly, but "What is your pet's name ?"... come on... how many pet names are there ? 1000 ? 20000 ? It's trivial to guess. Not to mention friends and people who are familiar with you, who can sometimes answer these questions.

It considerably weakens the system. Never, never answer those questions if you want at least some level of security... or if you're forced to answer (there are sites dumb enough to require this), just drop the longest possible string you can think of...

What is your mother's maiden name ?

ggrph2324fg11aaQMDKAUiii6666

Hmm...


Comments

comments powered by Disqus