By Woody Leonhard
You can find no end of advice on creating strong passwords, using clever tricks, stats, mnemonics, and such.
But all too frequently we (and I include myself in this rebuke) tend to reuse little passwords at what we think are inconsequential sites. It’s a big mistake — here’s why.
This story is true. As the admonition goes: only the names have been changed to protect the innocent.
I live in a small town a couple of hours away from a big city we’ll call Metropolis. There are several daily newspapers in Metropolis, and one of the largest (let’s call it the Daily Planet) boasts a very nice website. The people who create and maintain the Daily Planet site are excellent designers and programmers — but they aren’t security experts.
One of Metropolis’s citizens is a regular guy named, oh, Joe. He’s pretty good with computers, and he knows enough to use strong passwords on bank and stock-market sites.