, The Register 2005-09-27
Managing multiple passwords is driving end-users up the wall and leading to rising help desk costs due to frequent password reset calls.
Expand all |
Post comment
|
Password overload plagues US.biz
, The Register 2005-09-27 Managing multiple passwords is driving end-users up the wall and leading to rising help desk costs due to frequent password reset calls.
Expand all |
Post comment
|
|
|
Privacy Statement |
http://passwordsafe.sourceforge.net/
(or any of several other similar tools, although IMHO Password Safe is the best). It's basically an encrypted database, strongly encrypted under a single well-chosen master password, and with an interface that makes it easy to use for password entry. Mine is currently storing SEVENTY SIX passwords for me, all of them long, cryptographically strong, and totally unrelated to each other. The most critical ones (about a dozen) get changed monthly, which takes about 10 seconds each, and I never forget any of them.
BTW, I notice that "recording a list of passwords on a PDA or other handheld device" is identified as a risky behaviour. It is, if the passwords are stored as plaintext. Many free PDA applications are available to store passwords in a strongly encrypted form.
Even "keeping a paper record of passwords in an office" is not necessarily a bad thing if it is done carefully. Obviously a post-it note on a monitor is pretty dumb, but a discreet record kept in the wallet by day and locked away safely at night, while not ideal is arguably far better than using the same password for multiple systems. We no longer forbid users from writing down passwords, because it does cause a lot of other bad practices. Rather, we just warn them about how carefully they should protect the written copy.
[ reply ]
Link to this comment: http://www.securityfocus.com/comments/articles/11331/32557#32557