Philip Newton (pne) wrote,
Philip Newton
pne

On using different passwords for different sites

blogs.forbes.com has an article on how Gawker’s sites were hacked, and one of the comments contained this gem:

What I learned was that for less secure sites like gawker I should have a different password for them than those used for emails and such.

Gee, you think using something other than your email password for another site might be a good idea?

I mean, ideally you’d use a separate password for each and every site, but that usually falls down to memory problems: so you either have to use a “password safe” program of some kind, or you end up using three or four passwords depending on the “security level” of the site (one for unimportant sites, a stronger one for more important ones, with the strongest ones reserved for just one or two sites, places like your bank account or your email).

Regardless, though, email accounts are kind of special in a way that, perhaps, not even bank accounts are: because so many passwords can be reset by sending you an email, once your email account is compromised, just about every other account of yours is, too. That alone should argue that your email account should have a separate password, that can’t be obtained even if someone cracks two dozen of your other accounts. (It should also be hard to guess or crack.)

Subscribe
  • Post a new comment

    Error

    Anonymous comments are disabled in this journal

    default userpic

    Your reply will be screened

    Your IP address will be recorded 

  • 4 comments