PDA

View Full Version : Password Security



Raymondo
06-08-2004, 09:42 AM
I have three important links (banks etc) to manage my finances. To simplify password management, I have one complex password that I use on all three sites. I connect to these sites via an ADSL router and I have both hardware and software firewalls enabled.
I do not keep any record (on my PC or elsewhere) of this password and I resist any attempt by the sites (It has been 6 months............ etc etc) to make me change it.
Question: Under these conditions, does the use of the same password on multiple sites over a period of years in anyway jeopardize the security of my on-line transactions?
Obviously, I don't believe it does but everything I read keeps giving the same message - "change your password regularly."

Elephant
06-08-2004, 09:52 AM
Personally my beleif is that you should not have to worry about it.
Obviously the longer you use a certain password the more time a person would have to crack it using a brute force method.

Over the last few years I have used the same password for access to three different ISPS and also my internet banking. No unexplained withdrawals or time on the internet at this point.

andrew93
06-08-2004, 10:06 AM
> Question: Under these conditions, does the use of the
> same password on multiple sites over a period of
> years in anyway jeopardize the security of my on-line
> transactions?
> Obviously, I don't believe it does but everything I
> read keeps giving the same message - "change your
> password regularly."

Like Elephant, I use the same password for multiple sites and don't think it is an issue.

However, your question asked if it would jeopardise the security. If you haven't complied with the terms and conditions that you would have agreed to when you set up the account, then you will be in breach of the terms and conditions and will get no support from the bank if there is a problem. However, what is the likelihood that something will go wrong? IMHO the chances are pretty minimal if you don't share your password (which I expect you wouldn't).

Also, provided the sites you are using are secure (which I would expect they are) then it shouldn't be a problem. One thing to be aware of are keyloggers which could record your password (on a secure site? not sure about that...) but these can be removed with freeware available from the internet.

Rob99
06-08-2004, 10:09 AM
You should be fine as long as you dont click remember my password if that is an option (probally not if the page is secure).
I only have two passwords, one long one for banking and one short one for everything else.