January 11, 2013

This year, resolve to change your passwords

My family's online presence started in 1987 when we signed up for the pre-Internet communication provider CompuServe. After dialing in with our modem, we logged in to the service with a nine-digit username and a password supplied by CompuServe. Twenty-five years later that password is still in use....
I must have hundreds of accounts with passwords on different web sites, and I expect you are the same. Our passwords protect information that ranges in value from inconsequential to critical banking and email details. Wired magazine senior writer Mat Honan discovered firsthand this summer how vulnerable our password-protected services are when hackers compromised his email accounts and remotely deleted everything on his iPhone, iPad, and MacBook. Lacking proper backups, he lost significant personal data including every picture he had ever taken of his 18-month-old daughter. Most photos were later retrieved (at considerable expense) by a forensic disk recovery lab, but Honan was left shaken. Reflecting on the incident in December's edition of Wired magazine, he concludes that passwords alone are a flawed way to authenticate identity in a networked world filled with inexpensive and powerful computers. Though it might be a little frightening, I highly recommend reading the full article, or listening to last Friday's interview on Q.
Even if Honan is right that "the age of the password has come to an end," the reality is that we keep using passwords dozens of times a day. We need to incorporate practices that give as much protection as possible until more robust authentication methods gain widespread use. Here are five things to consider as you decide how to manage your passwords: