Home » password strength

password strength

What can I do to improve the security of my digital information?

On Monday, March 13 at approximately 10:30 AM CST, I will be appearing on KFUO Radio’s Faith and Family program to discuss home computer security with host Andy Bates. One of the questions he’s planning to ask: “What can I do to improve the security of my digital information?”

This, fortunately, may be the easiest question to answer and the easiest step to implement.

Read More »What can I do to improve the security of my digital information?

You need a Yubikey.

I mentioned the Yubikey as the ultimate solution stolen passwords on the excellent Yahoo Marx Train forum, and another member asked me to elaborate on it. Rather than take up a lot of space with some off-topic discussion, I decided it would be better to write about it here.

The Yubikey is the best solution I’ve seen yet for the problem of remembering passwords. I am a computer security professional by trade, but I will try to avoid as much techno-jargon as I can, and explain what I do use.

Read More »You need a Yubikey.

Why your favorite web site’s password strength meter is full of hooey

Ars Technica talked three password crackers into doing their worst to a leaked database of 16,000 passwords, to see what they could learn.

They learned a lot, and we can learn a lot from their experience as well. “qeadzcwrsfxv1331” isn’t a good password. Neither is “Philippians4:13.” Neither is “correcthorsebatterystaple.” Neither is “Qbesancon321” or “Qbe$@ncon321.” Password guessing has too much intelligence built into it now.

And not only that, by continuing to use the password “popcorn,” you make it easier for those guys to guess other passwords too.Read More »Why your favorite web site’s password strength meter is full of hooey