Security: Is your password secure?

[Kathy]

I think someone needs to rethink the "writing it down" part.

A few years ago I had a friend (she had been my assistant admin) who started her own community. She managed a dedicated server, the vb software for the community and all aspects of getting a community started including a paypal account for donations.

She died suddenly one night ....taking with her the passwords to the server, the admin cpanel of her site....everything.

No one could save it. No one could log in and keep things rolling, picking up the payments on the server. The community was lost when the time ran out....It was a tragic loss...personally for me as a friend, and her community lost a friend and their community.

This taught me a big lesson. I took my grown daughter (she's 24) with me to the bank and put her on my business bank account as a signer if needed. She is completely trustworthy and the perfect person to handle things if something unexpected was to happen to me.

I started gathering the names/contact email/phone numbers of all the people I depend on, work with, pay for hire for tech, support, customizing my site and/or store.

I wrote down contact info for the server datacenter

I then started a list in a journal near my computer with any passwords I use, the site name, evvvvverything. I got organized since I manage a large community with many people involved behind the scenes.

And I showed my daughter where it is.

So while I agree its important to make sure your password is secure, make sure you have it somewhere that a loved one can manage if something unexpected happens to you and you need to guarantee the continued success of your community.

 

[Scribbller]

I think someone needs to rethink the "writing it down" part.

A few years ago I had a friend (she had been my assistant admin) who started her own community. She managed a dedicated server, the vb software for the community and all aspects of getting a community started including a paypal account for donations.

She died suddenly one night ....taking with her the passwords to the server, the admin cpanel of her site....everything.

No one could save it. No one could log in and keep things rolling, picking up the payments on the server. The community was lost when the time ran out....It was a tragic loss...personally for me as a friend, and her community lost a friend and their community.

This taught me a big lesson. I took my grown daughter (she's 24) with me to the bank and put her on my business bank account as a signer if needed. She is completely trustworthy and the perfect person to handle things if something unexpected was to happen to me.

I started gathering the names/contact email/phone numbers of all the people I depend on, work with, pay for hire for tech, support, customizing my site and/or store.

I wrote down contact info for the server datacenter

I then started a list in a journal near my computer with any passwords I use, the site name, evvvvverything. I got organized since I manage a large community with many people involved behind the scenes.

And I showed my daughter where it is.

So while I agree its important to make sure your password is secure, make sure you have it somewhere that a loved one can manage if something unexpected happens to you and you need to guarantee the continued success of your community.

Very touching story there Kathy and I agree with you 100 percent, My passwords are shared by my brother as we both finance the site.

 

[cirisme]

I have varying levels of passwords(from most secure to least): Server, personal admin, general adming, everything else.

All are stored in a PGP encrypted file on my server which my co-admin has access to.(except my personal stuff)

For my accounts, most of the following applies.

- Does it contain at least 10 characters? Usually
- At least 40% of which are numbers? No. Some symbols and some numbers, which counted together are usually over 50% of the password.
- There are no dictionary words at all? Nope.
- Is just a random mix of numbers and letters? Seemingly random, yes. Though it's not random to me
- You changed it in the last month or two? Doesn't change the security of the password itself.
- You haven't told anyone it or written it down where someone else may see it? See above.

 

[Prexis]

Thats a bad story Kathy about your freind.

Its best to have a password your family can know to run things.

 

[LightScribe]

i personally use the same password everywhere. My keyboard is fitted with a fingerprint reader, which allows me to log in to any site.

I have actually considered writing down any neccesary passwords and usernames in my legal will along with instructions on what to do with them.

 

[ab420]

I have a VERY strange method, but it works extremely well for me. I am a musician, and can learn new songs and new instruments very easily. I basically assigned musical notes (in my head) to all the different keys on the computer keyboard. Now, I simply use songs as my password! This allows me use alphanumeric passwords that can be as much as 30 or more characters and I can remember them easily!

Another good method is this:

make a new alphabet for yourself: assign numbers to a few letters (like make E be a 3, L be a 7, like the leet type, although using non-obvious characters would be even better) Then use lyrics from a song, with NO SPACES and use the substituted numbers where the letters should be, like this:

say 3=e 7=l, and 1=i for this example:

73tstw1stag1n71k3w3d1d7astsumm3r

now that is a heck of a password, right? All it really is:
Let's twist again, like we did last summer (original)
letstwistagainlikewedidlastsummer (no spaces)
73tstw1stag1n71k3w3d1d7astsumm3r (# substitutions)