February 28, 2007
Do not use the same password for everything
An attendee of a training program for a new software package to set up login accounts mentioned using the same password for everything to make it easy to remember. As a security professional, I said that this was a bad idea because, if the password was disclosed, the "bad guy" would have the keys to all their information. The attendee scoffed and told me it did not matter because the password was a word from a foreign language. The person then sat down to create his account on the computer that was attached to the overhead projector. He typed his password into a non-masked field, exposing it to everyone in the room. My security advice was proven true.
