mediajunk

Have you been using the same passwords for years? Do you use the same usernames and passwords for lots of different accounts - e.g. email, PayPal, etc.? Or perhaps you use one password for accounts that you really don't want anyone to access, and another password for accounts that you're not as concerned about?

Think these are good strategies for keeping your accounts secure? Think again! But I'd wager you're in good company.

A few years ago, I conducted an online experiment. Since I'd become reasonably good at SEO (it was easier back then!), I got a web page to show up near the top of Google's results for phrases such as "check any email account".

The page was spartan in style, with two input boxes, followed by a submit button. The two prompts were:

• Enter your full email address
• Enter your password

Within a few days, almost a hundred people had given me the usernames and passwords for their online email accounts - and probably more, since people use the same usernames/passwords for all sorts of things.

Since my experiment wasn't very ethical (to say the least), I discontinued it once it had validated my hunch - that many internet users are naive about security risks. Lucky for them I'm not a real hacker, huh?

Admittedly, I do not update my passwords as regularly as I should. I have a lot of username/password combinations to remember, and worry about adding to this load.

Sidebar: Ever worry about taking passwords to the grave?

Anyway, Lauren Simonds offers some excellent mnemonic techniques for creating strong passwords. Now I have no excuse for not updating my passwords. And I'm going to update them.

Tomorrow.