I was reading a blog on Schneier on Security earlier today that was talking about knowledge-based authentication in the form of security questions, and one of the comments hit the mark on the importance of using more than one password for your online accounts to increase fraud prevention security.
The quote from Paul R. Dittrich says:
Years ago, a colleague asked “Why do I need to have so many passwords?” Rather than answering directly, I pointed at his keyring and asked him “Why do you need so many different keys? Wouldn’t it be easier to have just one key to open everything?”
He looked at me like I was crazy and said “Well THAT would be dumb!”
(Unfortunately, he did not recognize the analogy between his keys and his passwords.)
So this brings me to some pointers on password security:
- Don't use the same password for all accounts
- Don't use answers that would be obvious (e.g., pet's name, name of children, anniversary date, date of birth, favorite sports team, etc.)
- Use upper case and lower case letters
- Use numbers to replace letters
- Change your password several times per year