Wednesday, October 22, 2014

I'd suggest that people reconsider using online sites to generate more secure passwords.

I've seen a number of people recently suggesting to others to use an online site to generate a more secure password. I'd suggest that may not be the wisest idea.

First you usually have no idea who runs the site, what information they are storing, or what other sites they may be related to.

When you visit a site there's a lot of information that can be collected about your computer that could in many instances uniquely identify your computer and thus you, without even knowing who you are. With the password all that would be required is for you to somehow provide your username (which now is often an email address) and someone may have everything they need to hack your services.

When you visit a site, the ISP you're using provides you with an IP address (a unique number) which lets others know who your ISP is and often your location. Your browser then usually provides the operating system you're using, the type and version of the browser and since there are quite a few versions, this makes it easier to identify you. Next your browser may also provide things like screen resolution, number of colours and more, so there really is a lot of information that can be obtained from you without knowing it.

Think of your computer like the game of 20 questions, where by answering 20 questions the answer is often provided to you. Each bit of information you provide progressively helps to identify you and often, that can end up uniquely identifying you and you haven't even entered a single piece of information.

Now if the site had a sister site where you signed up for a newsletter or a great deal, then your email address or the second part of your security could also be obtained.

I'd seriously suggest that you don't use online sites to create more secure passwords. Generally you have no idea about the site so really is it worth the risk?

Kelvin Eldridge
Call 0415 910 703 for IT support.
Servicing Doncaster, Templestowe, Eltham and the surrounding area.

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.