Tuesday, December 3, 2013

Passwords and more passwords

In this blog, I want to speak  briefly about passwords,  but not my usual with regards to strength, but with vaulting the passwords for later recovery.


Take this recent case. I had a domain up for renewal,  but the mail admin  contact was disabled. I 've been trying over the last 3 weeks, in attempts to recover the password.


Guess what ?  I had the wrong account information




So sitting here drinking my San Miguel beer got me wondering.

How many electronic accounts do I really  have ?


2x credit card acounts
5x bank/saving accounts PIN/act#,etc....
3x IRA accounts
A few  email accounts ( about 6x non job related , and 3x job relate  btw one of those I can't recall that password :(  )
2x  googlevoice  numbers
2x voice-mail systems passcodes
numerous router/switch/ips/firewalls ( so many that I can even recall of these )
1x alarm code
4x access code
1x itunes store
1x androd store
5x vpn accounts
3x dns-registrar counts


and the list goes on and on .....etc...

I accounted over 64 unique accounts/password/pins  in my electronic daily madness. I'm sure I missed a few btw, that I completely  forgot about & just like with with my domain registrar .

Not all are the same,  nor uses the same "Password criteria". And not all have the same password recovery criteria or methods.



Take this for example, a new bank account that I just open, has a password criteria that matches  any of the following;



note: you have to laugh at 1st line ( see arrow ) & with  the min of 4  characters and specially when the bank brags about taking security seriously :)



So with so many rules, acounts, names,etc........ just how do we manage our username/password details?



  • Do we deploy a kee-pass type of approach , & the one master-key that give us access to all of the keys on the key-rings?
  • How about  the nuclear submariners missile launch control method ( the two keys approach) ?
  • Help & aids from a Biometrics solution ?
  • A electronic safe-deposit box?
  • Do we burying or information outback under a brick,  or like a squirrel buring a nut? 
                                       
                                        ( will we even remeber where we buried it at ? )


In our modern day and electronic ages, we have so many functions in our everyday life that revolves around a login/password.And this is not going to  get easy?



Ken Felix
Freelance Network / Security Engineer
kfelix  ----a---t---socpuppets ---d---o---t---com

     ^      ^
=(  @   @ )=
          o
       /     \

No comments:

Post a Comment