Are Your Online Passwords Safe?

David Berlind blogs about his recent experience with online passwords:

A few weeks ago, I was contacted by the CEO of a company whose Web service I’ve been playing around with under non disclosure. She noted that my test account had been inactive for a decent stretch of time and was wondering what was up. “I’ve been real busy” I said. “Besides, I’m not sure I remember my password.” Within seconds, she said “Is this it?” and went to bark my password across the phone line.

I realized I wasn’t fully satisfied by the explanation I’d heard. Not because I lacked faith in her promise to have those routines installed, but rather, because that explanation alone doesn’t account for at least one scenario where an insider with the right access to her startup’s local area network could gain access to my password. That scenario has to do with user-invoked password recovery. You know — that process whose wheels are set into motion when you click the button on some Web page that says something like “I forgot my password.”
Full Story…

Click Here to Join the Good Sam Club

Be Sociable, Share!

    Share This Post

    Recent Articles

    Leave a Reply

    © 2019 . All rights reserved. Site Admin · Entries RSS · Comments RSS
    Powered by WordPress · Designed by Theme Junkie