Smashing Security podcast: Passwords

Three security industry veterans, chatting about computer security and online privacy.

Smashing Security podcast: Passwords

It was Internet Safety Day on Tuesday, and Vanja Svajcer, Carole Theriault and I decided that was as good an excuse as any to record a special "splinter" episode of "Smashing Security" podcast - taking a close look at the thorny topic of passwords.

Subscribe: Apple Podcasts | Google Play | Overcast | Stitcher | RSS for you nerds.

Hope you enjoy the show, and tell us what you think! You can follow the Smashing Security team at @SmashinSecurity on Twitter.

Tags: , , ,

Smashing Security podcast
Check out "Smashing Security", the new weekly audio podcast, with Graham Cluley, Carole Theriault, and special guests from the world of information security.

"Three people having fun in an industry often focused on bad news" • "It's brilliant!" • "The Top Gear of computer security"

Latest episode:

, , ,

One Response

  1. Bob

    February 8, 2017 at 11:33 am #

    For people who decide to use a password manager it's worth noting that you can use the software to generate a strong, unique, random password. The podcast wasn't entirely clear in this regard. So not only does a password manager store passwords but it creates them too. As long as you remember the master password (for your password manager) you don't need to worry about creating future passwords yourself.

    Google and Microsoft offer a new way to login without a password. It's secure and convenient:

    https://support.google.com/accounts/answer/6361026?hl=en

    https://play.google.com/store/apps/details?id=com.azure.authenticator&hl=en_GB
    https://itunes.apple.com/gb/app/microsoft-authenticator/id983156458?mt=8

    Nowadays I recommend a cloud password manager because they work on multiple devices: phones, tablets, computers etc. LastPass is one such service which is cloud-based and it's free.

    https://www.lastpass.com/

    1Password is another cloud password manager although there are currently some problems with their service leaking metadata (on older versions… they call it a "feature") and on the most recent version if you use it to store sensitive documents you can find you lose access to them because of their decision to use the Windows Encrypting File System. There was also another (now fixed) vulnerability found by research Tavis Ormandy of Google. You've got to pay for 1Password although on the plus side it's a very nice design though and looks good on a Mac.

    For people who prefer offline password managers (which I don't recommend anymore because people want to access their up-to-date passwords on multiple devices/platforms) then the two best are KeePass and Password Safe. Both are free, open source and highly recommended amongst the security community.

    http://keepass.info/
    https://pwsafe.org/

Leave a Reply