Another reason to avoid default passwords

Submit: Add to your del.icio.us Digg This Slashdot GotNews StumbledUpon Reddit

Avoid using a “standard” password for your web sites and applications.

Yes, I admit it. I’ve used a few ‘easy’ (still complex but easily remembered) passwords for many of my non-financial web site logons.

Today, I went to a photo sharing site to view a friend’s wedding photos. It’s one of those sites that requires that you register before viewing anyone’s photos. I clicked the ‘create new account’ link and put in my e-mail address; the site told me that I already had an account. I clicked the ‘forget your password?’ link, since I didn’t have a record of this site in my password vault.

250px-d_oh.jpg

A few minutes later, the web site e-mailed my password to me. I saw that they e-mailed my password to me in the clear, but more disturbing was that the password they e-mailed to me was the password that I use for several web sites.

See these other tips about password management:

Use Password Safe to manage passwords

Store passwords in your browser? I don’t think so

Passwords: size really does matter

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s