Monday, January 10, 2011

More information on the Gawker password break-in

This is a follow-up to my post "Advice on protecting your password". If you are interested in the technical details of how the hackers were able to get over a million passwords, "The Dirty Truth About Web Passwords" is a good place to start. Jeff makes the point that if you use the same password at multiple sites, you are only as safe as the weakest site.

I am not sure I trust his conclusion that we need a central place which provides a "trusted" identity service. I'd worry that some random site could pretend to use Facebook or Google but provide a layer in between that captures passwords.

The bottom line is you want to be very careful with passwords. I have a different password for each site.

