Don’t click “Lost Password”

“E-mail sent over the Internet is more like paper mail on a postcard than mail in a sealed envelope. […] Hackers can read and/or forge e-mail. Government agencies eavesdrop on private communications.”

From Introduction to PGP

What this means for you

Raise your hand if you’ve ever used a website’s “I forgot my password” link.

Ok, and what do most (luckily not all) websites do then?
They send you the forgotten password via email.

And why is that no good?
Because email is not safe.

And what if you often reuse the same password for different sites?
You’re a prime candidate for Identity Theft.

How can you protect yourself?
Never forget your passwords, and never reuse the same ones.

Sounds impossible right?
Wrong, just use a Password Manager (like PassPack) to safely store all your passwords so you don’t have to remember them.

Take the pledge:

I will not click the “Lost Password” link.
I will choose, and use, a Password Manager.

Digg!

Technorati Tags: , , , , , ,

Advertisements

4 responses to “Don’t click “Lost Password”

  1. I came up with what I figured was a neat way to create and remember passwords that is essentially uncrackable. It relies, kind of, on being a scientist, but anyone with a brain could use it. Find out about molecular passwords here

  2. Hello David,
    I left some suggestions for improvement on your method, as well as my usual warnings on not using a password manager, here: http://www.sciencetext.com/passwords-for-scientists.html#comment-1268

    Thanks for writing in – cheers!
    Tara

  3. I’ve just registered with PassPack and given it a quick try with a single site and password. What I was expecting to happen when I clicked the “Go there” link to take me to that site was for the login to automatically take me into the private area, but it didn’t. Maybe I’m missing the point. Could you give us a quick resume of how the system should work?

    Thanks

    d

  4. @David
    Hi there. PassPack will support an auto-login feature, but it has not yet been released. Here is a post for you on how it works:
    https://passpack.wordpress.com/2007/03/22/passpack-auto-login-no-plugin-needed/

    Let me know if you have any more questions.
    Cheers,
    Tara

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s