Comments on: Personal Password Management http://blog.techscrawl.com/2009/02/15/personal-password-management/ TechScrawl is a technology blog focusing on a wide variety of technology related areas including enterprise IT, information security, penetration testing, networking, virtualization, and Windows & Linux administration. Thu, 22 Jul 2010 12:31:41 +0000 hourly 1 http://wordpress.com/ By: Sarah Palin » Personal Password Management http://blog.techscrawl.com/2009/02/15/personal-password-management/#comment-178 Sarah Palin » Personal Password Management Tue, 17 Feb 2009 08:04:19 +0000 http://blog.techscrawl.com/?p=600#comment-178 [...] TechScrawl.com wrote an interesting post today on Personal Password ManagementHere’s a quick excerptAlso password reset procedures for accounts should be evaluated to prevent unauthorized access like the kind Sarah Palin fell victim to last year…. [...] [...] TechScrawl.com wrote an interesting post today on Personal Password ManagementHere’s a quick excerptAlso password reset procedures for accounts should be evaluated to prevent unauthorized access like the kind Sarah Palin fell victim to last year…. [...]

]]> By: Andrew Yeomans http://blog.techscrawl.com/2009/02/15/personal-password-management/#comment-177 Andrew Yeomans Mon, 16 Feb 2009 10:20:01 +0000 http://blog.techscrawl.com/?p=600#comment-177 It's still a challenge to accurately assign the tiers. I'm thinking of sites such as :- web-mail - probably little of consequence, but can be used by others in password reset notification; travel sites - nothing confidential when searching for holidays, but if you start booking you might supply a credit card - or perhaps that was supplied to a third party site; subscription verification sites - often ask for information such as birthplace, first school, all of which might be used for password reset. Guess we need Personal-DLP systems to see what has been supplied. It’s still a challenge to accurately assign the tiers. I’m thinking of sites such as :-
web-mail – probably little of consequence, but can be used by others in password reset notification;
travel sites – nothing confidential when searching for holidays, but if you start booking you might supply a credit card – or perhaps that was supplied to a third party site;
subscription verification sites – often ask for information such as birthplace, first school, all of which might be used for password reset.
Guess we need Personal-DLP systems to see what has been supplied.

]]>