In one such recent attack, Robert Graham, the CEO of Errata Security, came to a few startling conclusions based on the passwords published showing what should not be your password:

• 16% of passwords matched a person’s first name
• 14% of passwords were patterns on the keyboard
• 4% are variations of the word “password”
• 5% of passwords are pop-culture references
• 4% of passwords appear to reference things nearby
• 3% of passwords are “emo” words
• 3% are “don’t care” words
• 1.3% are passwords people saw in movies/TV
• 1% are sports related

You can read the complete report here.

Password management is a big hassle that every Internet user has to deal with today. Apart from the regular ones that I use, I try out new products and services all the time and have over 50 different accounts as I speak. So I use a password management software called KeePass, which is open source. In the past, Jesse suggested several others like Billeo, Vidoop and Passpack. These softwares usually are also capable of generating strong passwords or you can use an online service like the Strong Password Generator to generate a password for you.

The most basic rule is to use a long combination of small and capital letters, numbers and symbols. Read this Microsoft Security article about how to create and use strong passwords.

Post from: EveryJoe

Strong and Weak Passwords

Billeo was developed to be a bill management application. It can track when bills are due, how much has been paid and can take snapshots of pages you are viewing. In addition, on Windows, it can keep track of your web passwords. This includes banking, credit card, email and some of those more risqué sites that you may or may not (but probably do) visit. The downside is the passwords are only stored on your computer and it’s Windows only.

Vidoop has come aboard and has not only created a great cross-browser application but they have a great security mechanism for keeping people out of your account. In order to log in (and install the toolbar/plugin), a user must first type their username, answer a security question and then verify by either telephone or email that they are in fact the user logging in. Finally, each time you want to log in during future sessions from that machine, a user has to pick out the three “types” of pictures that they chose during setup. This could be a computer, a fruit, an animal or almost anything else you can think of.

Finally, Passpack has made great advances in the security area. In addition to being able to access your information from almost anywhere on the internet, user’s information is never stored unencrypted on Passpack’s servers (it’s browser-side encrypted always) and can contain more than simple username and password combinations. This is great for storing other useful info like a bank account number or your hit list (if you’re in to that kind of thing). Tara, one of the founders of Passpack writes a great post of how to replace some of the tools that you may already be using with theirs (such as Google’s Browser Sync).

All-in-all there are some great tools for managing your passwords in your browser. Using these and other tools, you can keep both your information safe and your memory in tact.

Post from: EveryJoe

Smart password management right in your browser

Check out the blog post at SECURE-ID’s blog below.

Image Courtesy Of: http://securid.wordpress.com/2008/05/31/new-way-to-store-passwords/

Post from: EveryJoe

This is not the way to save your passwords