Friday, April 11, 2014

Password Madness

The one thing the Heartbleed bug panic has shown is how nonsensical online passwords have become.

Some of my services require a certain length (8-15), some require an uppercase, many require a number, some disallow numbers, some require a special character whereas many do not allow special characters, many will not allow a password to be reused.

On top of this, the password retrieval or reset process of many sites is laughable.

And then there are those sites that don't use your email as your username...

I was a victim of the Adobe hack, but I still have an account with those muppets.

I've tried every password aggregation service under the sun, but the problem here is that you are creating a single point of failure: some of these services were victim to Heartbleed.

So, now I have a file on my computer where I write everything down. My reaction to utter madness is sheer stupidity...

And the biggest victim of Heartbleed ? Google, ostensibly a company who employ the brightest techies in the world, and they didn't spot this over two years.

And even if you do bother, you know the NSA or GCHQ will have a backdoor and can see it anyway.

I'm off to my mountain cabin...