Password security awareness, or lack thereof

Posted by Pierre Igot in: Technology
March 4th, 2003 • 10:40 pm

Troubling news from the front of online security: A report on about people getting access to sensitive information through Google searches:

Net Hacker Tool du Jour: Google

As one of the people interviewed says:

When your medical records are indexed in Google, something’s wrong.

Well, the good news about this is that it really all boils down to people’s naïvety, and, more specifically, to the passwords that they choose. David K. Every has a decent article on the issue:

Passwords and Security

Most people simply do no make the effort to choose passwords that are difficult to guess. I experience this every day in my tech support work. The only reason people are not more careful is that their systems have not been hacked INTO yet.

In addition, today’s computing experience requires people to define way too many different passwords (computer user account, email account, online banking, FTP servers, etc.). People keep losing them, and are often fortunate enough that the passwords that they chose were easy enough that they are able to semi-guess them once they’ve forgotten them. But that speaks volumes about the level of security provided.

While there are a handful of decent password management applications (I used Koingo’s Password Retriever, but am not really satisfied with it), it seems to me that the market is ripe for Apple to come up with a decent iApp for password and serial number management. It needs to be super-safe (with a master password and high-level encryption), but Apple should be able to come up with something that is to passwords and serial numbers what Mac OS X’s Address Book is to contact information.

Comments are closed.

Leave a Reply

Comments are closed.