Skip to content

Keeping Passwords Secure

April 9, 2010

When thinking about a resource to share this week, I browsed through my bookmarks and found this Gizmodo post about password security and remembered back to the very beginning of the semester, when Derek asked us to download Password Gorilla. Admittedly, the explanation provided goes a little over my head, but it is interesting to learn about how clicking “remember my password” can leave you vulnerable, since your password is then stored locally in an unencrypted format. Gizmodo’s sister site, LifeHacker, also has some great posts on passwords, including this one on how to create and remember strong passwords. It’s something I fully intend to get around to…someday!

4 Comments leave one →
  1. April 9, 2010 10:40 pm

    I downloaded password gorilla, had a hard time figuring it out, got frustrated, and deleted the whole program. I ended up with LastPass. I like it (especially the filling out forms automatically feature) but I admittedly don’t think I’ve taken full advantage of it yet.
    It’s one of those things that I always say I’ll get around to concentrating on & then never do….maybe your post and the articles will motivate me to do it. One can hope!

  2. lib240chang permalink
    April 9, 2010 11:31 pm

    Thanks for sharing the lifehacker article. Currently I jot everything down in a notebook old school, and so I have to dig it out every time I forget a password. It usually works for me until I misplace my notebook, so I’m going to try applying Trapani’s rule set idea.

  3. Darth77 permalink
    April 9, 2010 11:59 pm

    This just confirms my suspicions about people trying to get information about me. I just use a physical log and keep it hidden.

  4. June 20, 2010 3:10 am

    Pundits tell us to use a different password for every site. But how is one going to remember heaps of passwords. What bugs me is that sites which use unencrypted passwords, do not warn you before you create a password. Then they send you an email with one of your favourite passwords in clear in the email.

    For example the Information Management site ( did this to me. I assumed because they were a bunch of IT professionals they would keep my password secure. ‘Fraid not!

    It would be great if the industry could adopt a standard way for web sites to advise potential customers simply and clearly whether the PIN or password they collect is encrypted or held in clear.

    Does anyone know a site that warns how safe a site is in terms of its user access and general information security?

Leave a Reply

Please log in using one of these methods to post your comment: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: