In case you haven’t heard, LinkedIn passwords were hacked and posted online. If you haven’t changed your LinkedIn password since the attack, please stop reading and go do it now.
In reading about the attack, I sent a few friends a note as well to remind them that not only should they change their passwords, but that they should not be using the same password in multiple places. With more and more services intertwined, and more logins needed, it’s no stretch to think that someone who manages to crack or steal your password from one service might use it on another service, especially banking services.
As data professionals, it’s easy for us to preach to non-technical people the value of strong passwords, but it can be hard to get them to use them. Strong passwords are problematic for many people to remember and type, and we find that most people prefer the path of least resistance: one short password that’s easy to remember.
This article talks about a few things that IT people can do to help educate others and make it easier for them to consider strong passwords. Inside of a company, we can try to implement more services and products that secure our systems, but if people continue to use the same password for their personal mail or favorite website, much of that might not matter.
Ultimately I think the best thing we can do is set a good example, and choose strong passwords stored in a password manager. Once people see that it’s relatively easy to secure passwords with something like KeePass or Password Safe, they may give it a try. That may help keep our data just a little more secure.