Posts Tagged Lastpass
You have all probably noticed that this blog isn’t updated very often. I’m afraid I’ve fallen into what Vernor Vinge once described to me as the “Usenet trap”.
A long time ago I was fortunate enough to spend time with him on a semi-regular basis, and even shared an office with him for one semester. At that time I asked him if he ever read Usenet News (which tells you how long ago this was), and he said (paraphrasing) “No. If you are reading, you aren’t writing, and I want to spend more time creating, and not all my time consuming.” At that time he was working on the draft that became “A Fire Upon the Deep.”
I spent some time over the past week, looking at how much time I spent consuming “media” (reading) as opposed to writing (other than work). Read the rest of this entry »
I was one of the million or so people affected by the recent Gawker compromise. At the same time, I’m moving to a new laptop. I decided to take this as a wakeup call to get my password house in order, and to change some of the things about my working environment.
I had originally thought that I was unaffected, but I had created a throwaway Gawker account over a year ago so I could comment on a Jalopnik post. Throwaway email address at a domain that I no longer use, and a password that I shared with all throwaway web accounts. So far, so good.
While I was looking into the stories about the Gawker incident, I found this article at lifehacker about how to be smarter about online passwords. I’ve always kept “important” passwords (banks, credit cards, etc) completely separate from email accounts, web site accounts, etc. I use the built-in password manager in Firefox for most accounts, but with a master password.
But, when I tried the “Lastpass security test“, I discovered that I had entirely too many web accounts (361!), and entirely too much password reuse. So, time to get serious about web passwords.
Since installing Lastpass, I’ve started culling through all that old password cruft, and resetting my most important passwords with generated passwords. Since I have several completely separate online identities, this may take some time. I figure I’ll have to take a fair amount of time over the Holiday break.
We have to realize that very few, if any of the web sites we use on a daily basis were actually designed with security in mind. Any security they have in place is to protect themselves, not their visitors. Gawker has admitted this, and seems to be changing course. I wonder if any other sites will take this as a wakeup call?
- How to Audit and Update Your Passwords [Passwords] (lifehacker.com)
- Personal Password Security and the Gawker Hack (prweb.com)