Paranoidly Paranoid

I believe that everyone has their own security standards. Whether it’s personal security, software security, home security… everyone has an idea of what measures should be taken. However today I’m referring to password security. Namely, passwords that are used around the Internet. What’s good enough? How many passwords should I maintain? How advanced should the password be?

My little project for the day was going through each website or service that I use and completely change the password(s). I do this about once a year, over 2006 I used a light algorithm where I would take the first word of the website or company’s name and follow it with a word and a single number. The problem is that not all of the passwords were changed over to this standard, and some had to be the first two words, or part of the first word and it was hard to remember them all.

Today I decided to go back to a small set of passwords to access most everything. I believe the risk of someone wanting to break into everything that is Mark Langenfeld is pretty low, and the passwords I have decided to use are secure enough to where it couldn’t be guessed, but for my own reasons I can easily memorize. However even if they’re secure, using just a couple keys like this seems risky, or is it?

I’m finding that many websites these days require the user to have a fairly secure login. In fact, it’s hard to not have a good password. My financial institution’s rewards program requires a password of a certain length, with a minimum of two numbers, two letters, and one uppercase letter. That’s not even the bank website, it’s just the rewards program.

I came across a great article on Wired.com today that takes a group of kids on Myspace for an example, and what they were using for a login. I could care less about Myspace but the results were surprising, I highly recommend reading it.