NCSAM/2011–Week 1 summary–passwords
So, what did we learn this week?
You can remember more complex passwords that way, more different passwords, and ensure that you have a backup in case you forget, or someone needs to handle the password for you in the event of your death or some similar emergency (note, going on vacation is not an emergency!).
You can improve your password’s entropy far quicker by adding characters to it – making it longer – than by using an extended set of characters. So take advantage of the concept of a pass phrase, rather than a password. Even if spaces aren’t allowed by your provider, you can simply type a sentence without the spaces.
Other people should not know your password. Ever. There are other ways to achieve the sort of things you think require you to share your passwords.
Even if you don’t think about the “rouge admin problem”, there’s always the possibility that the web site or other service you are using is poorly written, and/or it gets hacked, and your password gets exposed. Don’t rush off to change your password on every other site you own – because they already have different passwords, right?
The important passwords – those that have unique access to something, so nobody else can get that access without the password – should always be backed up in some way, so that in the event of your demise, or some accident less significant but memory-impairing (most significant accidents cause short to long term memory loss), you, or your loved ones, can recover.