Tim Akinbo’s Blog
the web, mobile technology and location based services as I see it
Your password has been compromised
29 Aug 2009Can I see a raise of hand if you use the same password on more than one website? Oh you even use the same password on all websites? Terrible!
Have you ever considered what the consequences will be if a rouge web developer attempts to use that same password you used to register on his website to login to your email? It could be worse.
The problem is that there are numerous websites out there and though I could say use random passwords, you’ll soon have to use the password recovery utility on every website you have an account on as you wouldn’t be able to remember all the passwords.
One solution, is to use a password manager. I’ll personally recommend KeePass – which is a utility that enables you to generate and/or store your passwords securely. It has a number of good security features that even helps to mitigate the activity of key loggers, perhaps they are installed on your system.
Alternatively, I will suggest the use of an online utility like Hashapass. The reason I’m excited about this is because it allows you to use a password you remember and combines this with some other information (e.g. the domain name like cnn.com) to generate a hash that can then be used as a password to the site.
If you had an account on say gmail.com, and you used a master password of say jackass, entering in this information into the Hashapass generator will generate the password: y/NTQTnm. Not bad hmm? yahoo.com as the parameter generates DyPh7Z5d. Completely random and very difficult to guess. All you need to remember is your master password. Better still, the bookmarklet will even make it easier to use the service without having to first visit the website.
Comment Form
About this blog
Tim Akinbo's Weblog is the personal weblog of Tim Akinbo. Here he discusses issues relating to technology. Special interests include the web, mobile technology and location based services.
Photostream
Categories
- Blogging (1)
- Computer Security (1)
- Events (2)
- Gadgets (1)
- General (5)
- GIS (2)
- Mobile (1)
- Open Data (2)
- Programming (6)
- Telecoms (1)
- Web Development (8)
- Daniel: Thanks Tim for coming over! Icant $get that day to me that was like a boost to my skills I was thnki [...]
- Iyinoluwa Balogun: i think curiousity comes first. those who have left footprints in the sands of time started by quest [...]
- Kizito S.M.: What I gather is that this G-Buzz is something like a blend between Facebook Updates and Twitter fol [...]
- concept37: They are trying to out-facebook facebook and out-twitter twitter, Folks who want to do these things [...]
- ray: Funny u took it from the LBS angle, which makes better sense. But from the social networking perspec [...]
- How it was done – Nigerian postcode data extraction
- Nigerian postcodes – a case for open data
- Just how buzz-worthy?
- Blacklisting Nigeria
- Thirsty?
- When unique isn’t really unique
- Google Latitude Apps Review (Location History and Alerts)
- Kindle for PC?
- Web APIs and Mashups Seminar in Jos
- Using git hooks to check syntax errors
2 Responses to Your password has been compromised
Segun
September 23rd, 2009 at 2:19 am
Hi,
this is more of a question than a comment. I am currently doing some research into web server security in Nigeria, Please can you provide me with any literature or pointers.
Any help will be greatly appericiated.
Regards
Tim
September 23rd, 2009 at 2:56 am
Welcome to my blog Segun, thanks for stopping by. Web server security in Nigeria is not a topic I’m familiar with and so I can’t really help you with that.