Wednesday, September 26, 2012

Passwords

Yesterday my email account got hacked. True, my password policy was way behind the times; nowadays you're advised to use numbers and symbols and here I was, still using an actual dictionary word! D said that's probably how they got in, pitting an algorithm that could test dictionary words against my email address. He sat me down and gave me the lecture and now (I hope) I'm much better defended against such attacks. But it brought to mind a couple of things I'd noticed/heard earlier this month.

I was setting up an account on one of the Ukrainian employment sites (rabota.ua or one of the similar sites) when the system stopped me. In their system, you're not allowed to use any numerals or symbols in your password, only letters. I thought this was kind of odd but didn't think any more of it until this week. An acquaintance works at an IT company that does work for foreign clients. She told me about a call her company had received from an American client. The client was trying to create a user name and password but had so far been unsuccessful. My acquaintance and her coworkers looked into the issue, and were surprised to find that the client was using (her quote) "weird characters in the password!"

So.... what's the unwritten law of passwords in Ukraine? Alphabet letters only? Or were those two incidents just outliers to the complex password trend?

1 comment:

  1. I'd use only those sites that keep strong password policy. And there're plenty of them!

    ReplyDelete