Dizzying new lows in bad privacy practices.

by Eileen | 2:54 pm, June 16, 2012 | Comments Off

People make all manner of terrible mistakes when it comes to passwords.

They assume that password security is only for people for are likely to be to targets.  In truth, whether someone is looking to go shopping with a stranger’s bank account or to fully steal an identity, such malicious actors will go for the low-hanging fruit.  It’s nonsense to think you don’t need strong passwords until you are a target.  Having weak passwords make you a target.

I have seen it all: people who use the same password for everything, people with passwords that could be cracked in microseconds with free software…if those passwords weren’t so easy to guess that a bad actor wouldn’t even need to resort to software, passwords that stay the same for years on end, and – my personal favorite – passwords that are written down on sticky-notes…which are then labeled ‘password’ and taped to the computer deck.

However, below, I present to you the pictorial evidence of a new low.

A few days ago, I was crawling the local outlet of a chain bookstore.  This is, itself, a dispiriting exercise.  Several thousand square feet of trashy romance novels, poorly written biographies, and ‘expert’ level crossword puzzle collections that would present no challenge to a five-year-old make me wonder if  live in the dumbest and least literary corner of the state.

But this little item took me to a entirely new low.  Perhaps the idea here is to carry around your handy little book and be able to log in to all your accounts and services from anywhere.  And, in the course of this, heaven only knows where you’ll lose the list of all your passwords.  Never mind that every time you whip this bad boy out, you are advertising to anyone who cares to look that you’re an easy mark with awful security practices.

So here’s what you really should do.  You need strong passwords, passwords that differ for all your sites (this means a hacker who gains access to a single site is still not able to impersonate you on other sites), passwords that are regularly updated.  And you need a better management system than a book that frickin’ labels the key to your cyber life for all comers.

Treat yourself to a free and easy to use password management account – like LastPass or KeePass.  You get the benefit of keeping all your passwords in an encrypted vault, one that you can access anywhere there’s a signal.  You create your won encryption key, which basically means that these services can’t see your vault even if they want to.  With that single step, you’ve just defeated snooping employees and government overreach.

Do not, under any circumstances, ever, jot down your passwords in anything that clearly labels the key to your private life without affording any protection.

Trust me, kids, if I ever see someone using this book, I will swipe it and cause untold mischief as a means of teaching the value of smart privacy practicees.

 

Comments

Praise for PPC From Our Lefty "Fan"

• "Zany-ass bombast-entertainment...Hackneyed weirdo communist pseudo-nostalgia" --Alan Franklin, ProgressNow

Featured Posts

• PPC Training for Activists

  UPDATE: Something apparently got messed up with the PayPal buttons during this past weekend’s database glitch – fixed now. Yes, it’s that time again — PPC will be conducting training classes for center-right activists on Saturday, April 20 and Saturday, April 27, at Independence Institute in Denver. The tentative class schedule is as follows: Saturday, [...]

• Holder’s First Letter to Paul Precipitates the Best Filibuster Ever
• The Lamest Twitter Argument Ever Offered?
• Return of the PPC Re-Education Camps – You Know You Want to Be There
• Supreme Courts Blesses Warrantless Surveillance of Citizens in a Kafkaesque Farce
• GOP Elite and the Ruling Class
• Do We Now Get to Call Joe Salazar a “Rapist”?