Smashing Security podcast: Passwords

Three security industry veterans, chatting about computer security and online privacy.

Smashing Security podcast: Passwords

It was Internet Safety Day on Tuesday, and Vanja Svajcer, Carole Theriault and I decided that was as good an excuse as any to record a special “splinter” episode of “Smashing Security” podcast - taking a close look at the thorny topic of passwords.

Listen on Apple Podcasts | Google Podcasts | RSS for you nerds.

Hope you enjoy the show, and tell us what you think! You can follow the Smashing Security team at @SmashinSecurity on Twitter.

Tags: , , ,

   Join thousands of others and sign up to our free "GCHQ" newsletter.

Smashing Security podcast
Check out "Smashing Security", the award-winning weekly audio podcast, with Graham Cluley, Carole Theriault, and special guests from the world of information security.

"It's brilliant!" • "Three people having fun in an industry often focused on bad news" • Winner of the Best Security Podcast 2018

Latest episodes:
Listen on Apple Podcasts Listen on Google Podcasts

, , ,

2 Responses

  1. Bob

    February 8, 2017 at 11:33 am #

    For people who decide to use a password manager it’s worth noting that you can use the software to generate a strong, unique, random password. The podcast wasn’t entirely clear in this regard. So not only does a password manager store passwords but it creates them too. As long as you remember the master password (for your password manager) you don’t need to worry about creating future passwords yourself.

    Google and Microsoft offer a new way to login without a password. It’s secure and convenient:

    https://support.google.com/accounts/answer/6361026?hl=en

    https://play.google.com/store/apps/details?id=com.azure.authenticator&hl=en_GB
    https://itunes.apple.com/gb/app/microsoft-authenticator/id983156458?mt=8

    Nowadays I recommend a cloud password manager because they work on multiple devices: phones, tablets, computers etc. LastPass is one such service which is cloud-based and it’s free.

    https://www.lastpass.com/

    1Password is another cloud password manager although there are currently some problems with their service leaking metadata (on older versions… they call it a “feature”) and on the most recent version if you use it to store sensitive documents you can find you lose access to them because of their decision to use the Windows Encrypting File System. There was also another (now fixed) vulnerability found by research Tavis Ormandy of Google. You’ve got to pay for 1Password although on the plus side it’s a very nice design though and looks good on a Mac.

    For people who prefer offline password managers (which I don’t recommend anymore because people want to access their up-to-date passwords on multiple devices/platforms) then the two best are KeePass and Password Safe. Both are free, open source and highly recommended amongst the security community.

    http://keepass.info/
    https://pwsafe.org/

    • Jan-Willem Aikens in reply to Bob.

      August 4, 2018 at 4:04 pm #

      I thought that was made exactly clear. Great podcast. Thanks!

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.