Write Down Your Password
Microsoft’s Jesper Johansson urged people to write down their passwords.
This is good advice, and I’ve been saying it for years.
Simply, people can no longer remember passwords good enough to reliably defend against dictionary attacks, and are much more secure if they choose a password too complicated to remember and then write it down. We’re all good at securing small pieces of paper. I recommend that people write their passwords down on a small piece of paper, and keep it with their other valuable small pieces of paper (i.e. their money) in their wallet.
In related news the BBC reports on a survey carried out by IT security firm Cyber-Ark that reveals that major companies’ computer passwords are ‘up for grabs’.
Half of IT managers employed by large-sized companies believe it would be relatively easy to gain the core passwords for their computer systems.
I disagree with the tone of the story which suggests that physically securing paper copies of core passwords in a safe or locked filing cabinet is less secure than digitally securing them.
Cyber-Ark would appear I believe to be biased as they offer technologies to digitally secure passwords and manage identities. I think as long as the company had a security policy that was followed in regard to access to any safe that contained core passwords this would be as secure as needed.
Tags: computer security, security
