Authentication - Multi-Factor Auth, Single Sign-on

Heartbleed. The end of XP. Zero-day Internet Explorer attacks. April was a tough month for security on the Internet -- are the days of safe browsing over?

Probably not. But it is time to make sure you have good password management processes -- or learn how to do it if not.

Years ago I wrote about Smarter Password Management, and how to more easily create secure passwords. It's time for a brief update, as the environment has changed a bit.

Not 2 weeks after my newsletter calling out how people take for granted that nothing bad will happen to their web sites, two of the biggest providers went down yesterday, Amazon and Akamai, in several separate incide

Why use a strong password

In the online world, security plays a role in all online activities. Passwords are the most commonly used method to limit access to specific people. In last month's newsletter, we discussed assessing the relative value of systems protected by passwords, and grouping passwords across locations with similar trustworthiness.

In a nutshell, don't bother creating and remembering strong passwords for low value systems, and certainly don't use the same passwords for low value systems that you use in high value systems.

The problem with weak passwords

Your dog's name. Your anniversary. Your childrens' initials, birthday, or birth weight. Your favorite hobby, or the name of your boat. Which one do you use for your password? Network Administrators and hackers know that most people choose passwords like these to protect anything from logging into web-based bulletin boards to buying things online.

Why does it matter? Identity theft. Corporate espionage. Loss of your data, or digital photos. Do you want to risk these things? In many cases, a weak password is all that separates your data from any bad guy who chooses to impersonate you online, or worse.