Power Passwords

My latest technology column for the ABA Journal is called “Power Passwords” and it’s available here.
Good security practices start with good passwords. It doesn’t get much simpler than that.
The column covers some password basics and gives you three simple strategies to power-up your passwords and to start consistently using strong passwords.
An update: Tom Mighell and I are in the homestretch of getting the writing on our book finished. The official title will be “The Lawyer’s Guide to Collaboration Tools and Technologies: Smart Ways to Work Together.” We’ve just picked the cover design. Our book will be published by the ABA’s Law Practice Management Section and will be available in early spring.
I’m looking forward to getting back to a regular blogging schedule once the writing on the book gets done.
[Originally posted on DennisKennedy.Blog (http://www.denniskennedy.com/blog/)]
Get your legal technology information by audio. Check out The Kennedy-Mighell Report Podcast.
Technorati tags:

Comments

  1. Ed says

    I just read your excellent article on Power Passwords in my wife’s ABA Journal. I am an IT Security professional, and I was pleased to see that the magazine had a good article on making good passwords – it’s actually about as good as our article on strong passwords at work.
    One trick that you missed mentioning, however, was programs to keep track of passwords. Apple laptops come with an excellent example, called Keychain Access, although there are various other such programs for Windows and Linux systems as well. Additionally, Firefox, and presumably other web browsers, have the ability to store passwords (Apple’s web browser ties into Keychain Access for this). Of course, the latter is only secure if either always secured, or the password store has a master password assigned.
    With the combination of MacOSX’s Keychain Access, and Firefox’s password store, I’ve been able to manage my literally hundreds of password, without resorting to writing passwords in a notebook, reusing passwords, using weak passwords, or going crazy.
    Note that I have a number of passwords which are not in such a database. Everyone should have at least two: their account password to log into their computer, and their password store password. I have a few more than this, because I’m in IT Security, but most people tend to not have that many.

  2. Chet Ensign says

    Great article. The best formula I ever heard for creating strong passwords was from a friend who uses the first letters to the words in the title of her current favorite song. She includes the capitalization and throws in a number for good measure. So a title like “Sure Looks Good to Me” gives you SLGtM9 for a password. For a short title, she might spell out one of the words but the end result is just as good.
    Since I am not as big a music fan, I picked a different media type, but I use a similar formula.
    What I liked about her technique is that it results in passwords that have all the hallmarks of a stong password yet are pretty easy to remember and reconstruct for yourself if necessary.
    You can even leave yourself clues stickied to your monitor (e.g. “Alicia fav + 9″) without fear that someone will be able to crack the code.

  3. says

    Dennis -
    Great article.
    The problem I run into is that there are so many variations of what a site requires and allows for passwords. I routinely run into sites that will not take a punctuation mark or will not take numbers.