Says Robin Millette (via email): A secret is something you tell everyone not to repeat.
If you forget your password, the secret question can verify your identity so you can choose another password or have the site e-mail your current password to you. It's a great idea from a customer service perspective -- a user is less likely to forget his first pet's name than some random password -- but terrible for security. The answer to the secret question is much easier to guess than a good password, and the information is much more public. (I'll bet the name of my family's first pet is in some database somewhere.) And even worse, everybody seems to use the same series of secret questions.
The problem with secrets like your mother's maiden name is the same as with biometrics: it's set in stone and you can't change it. Using the same secret all over the place makes it not so secret anymore.
$/> date | md5
That creates a very long string like 0062cae6e0fbaa1032278bf03c78c631, which is pretty secure and will pass the security requirements (minimum number of characters, mix of letters and numbers) of most sites.
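The `date | md5` recipe is only as unpredictable as the clock that feeds it: anyone who knows roughly when the password was made faces a search space the size of that time window, not of the 32 hex characters. The following is an added example, not code from the original post; it quantifies that gap and produces a password of the same 32-hex-character shape from the operating system's random source, assuming the site rules are the ones mentioned above (a minimum length plus at least one letter and one digit).

```python
import math
import secrets
import string

def date_md5_entropy_bits(window_seconds: int) -> float:
    """Entropy of `date | md5` when the creation time is known to within a
    window.  `date` has one-second resolution, so each second in the window
    yields exactly one possible hash; md5 adds no secrecy of its own."""
    return math.log2(window_seconds)

def csprng_hex_entropy_bits(n_bytes: int) -> int:
    """Entropy of a hex string made from n_bytes of CSPRNG output: 8 bits per
    byte, regardless of how long the printed string is."""
    return 8 * n_bytes

def meets_site_rules(pw: str, min_len: int = 8) -> bool:
    """The typical site rules from the text: minimum length, and a mix of
    letters and numbers (at least one of each)."""
    return (len(pw) >= min_len
            and any(c in string.ascii_letters for c in pw)
            and any(c in string.digits for c in pw))

def generate_password(n_bytes: int = 16, min_len: int = 8) -> str:
    """Same shape as the md5 output (16 bytes -> 32 hex chars), but drawn from
    os.urandom via the `secrets` module.  Regenerates in the astronomically
    rare case that the hex digits happen to contain no letters."""
    while True:
        pw = secrets.token_hex(n_bytes)
        if meets_site_rules(pw, min_len):
            return pw

if __name__ == "__main__":
    # Constructed comparison: a password made some time "today" versus 16 random bytes.
    print("date | md5, creation day known: %.1f bits" % date_md5_entropy_bits(86400))
    print("16 CSPRNG bytes as hex:         %d bits" % csprng_hex_entropy_bits(16))
    print("example password:", generate_password())
```

The generated string can be pasted into a password manager just like the md5 output, but it carries 128 bits of entropy instead of the roughly 17 bits that a known creation day leaves the `date` recipe.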
That string isn't typeable, though -- you have to be able to copy and paste it, and to do that it has to be in a file, which will be a major breach of security. To save passwords in a secure file that I can copy and paste from I use a tool called PasswordSafe.
What is Password Safe? Password Safe is an Open Source (free) tool that allows you to have a different password for all the different programs and websites that you deal with, without actually having to remember all those usernames and passwords.
When you use PasswordSafe you only have one important password, the one on your passwordsafe data file, so you can afford to take the trouble to memorize a really nasty password. For all other passwords you use the random password generator in the software to have a highly secure but otherwise unusable password, then use copy and paste to avoid having to remember or type it.
PasswordSafe has become such an important part of my daily computing that I think it says something profound about large-scale distributed systems like the open internet. What it says to me is something like: one of the only things that can't run over the internet is a security agent like PasswordSafe, and for everything else you need a local security agent like PasswordSafe.