Friday, July 23, 2010

New beginnings and old problems

So it's been a while (again) since I wrote anything, and I felt that it was time that I had a look around at some of the other blogging software rather than continue to use the horrid WordPress that I had been running up till now. I've always been against using services on the net to host anything personal (I've always insisted on running my own email servers, for example) but I've changed my mind when it comes to blogging. The main reason in this case is security, as trying to keep up with the slew of WordPress vulnerabilities was proving to be a full-time job and one that I didn't have an interest in. On top of that, I'm a fan of Google's work in a variety of areas and thought I'd give this a try, so here I am at my new blogging home on blogger.com. Hopefully the transition will be relatively transparent to most of you as I'll do a few technical things in the background.

I've been inspired to start writing again for a few reasons. Firstly, I've just had about a year off from regular work and I'm feeling rested and fired up to get stuck into problems and generally start working again, which means that I start to think about more challenging things than "When will I get up?" and thus some of it might be of interest to a wider audience. The other reason is that a few friends are also starting to blog a bit and ask some questions that I have some interest in trying to answer, so the combination means I think I might, finally, start writing a bit more regularly again :)

Something I read recently amused me and served as a good example of what I've been warning my non-technical friends about for years. I'm referring to the well-publicized attack on Twitter. This was something that passed me by until now because, for starters, I've been on sabbatical from all things security while I've been "off", and secondly because every time I see the word "twitter" my mind tends to shut down and ignore everything it sees for the following 5 seconds. You could say I'm not really a big fan of the concept ;) Still, I couldn't think of a better example as to why reusing the same passwords and security credentials across multiple sites is a bad idea than the linked article. If you want to avoid re-using credentials with your web-related applications but don't trust your memory, then consider the following steps.

Firstly, go and get a decent password safe application. Once you've installed that, each time you are prompted for a password for an account somewhere, use the random generate password function and put that into the requested field. Now whenever you are prompted you can simply double-click on the right entry in the password safe and it will then load the password into your copy and paste buffer for use.

Normally I wouldn't recommend the following, because it is a slight lessening of security; however, if you're using a lot of different accounts and you find it too onerous to use the password safe to manage all of them, then try the following additional tip. Generally it's a bad idea to let your browser save passwords; however, if you have a mechanism for encrypting all of the passwords it saves, or it does it automatically for you like Firefox does, then configure a master password (using a random one from the password safe) and let Firefox save your password for each of the sites you go to. Now Firefox will automatically fill in your username and password for any given site you go to, and you will still have some protection over the usernames and passwords being stored on your local computer (or wherever your Firefox password repository resides).
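
To see how much reuse you already have before switching to per-site random passwords, here is a small added example (not part of the original post, and not tied to any particular password safe). It assumes you can export your saved logins as CSV with `site`, `username` and `password` columns; that layout and the sample data are constructed for illustration.

```python
import csv
import hashlib
import io
import math
import secrets
import string
from collections import defaultdict

# Characters to draw from; the symbol set is an arbitrary choice for this example.
ALPHABET = string.ascii_letters + string.digits + "!#$%&*+-=?@_"

def generate_password(length=20):
    """Draw each character independently from the OS CSPRNG."""
    return "".join(secrets.choice(ALPHABET) for _ in range(length))

def entropy_bits(length, alphabet_size=len(ALPHABET)):
    """Entropy in bits of a uniformly random password of this length."""
    return length * math.log2(alphabet_size)

def find_reuse(csv_text):
    """Return {fingerprint: [sites]} for each password used on more than one site."""
    groups = defaultdict(set)
    for row in csv.DictReader(io.StringIO(csv_text)):
        # Group by a short digest so the report never contains the password itself.
        tag = hashlib.sha256(row["password"].encode("utf-8")).hexdigest()[:12]
        groups[tag].add(row["site"])
    return {tag: sorted(sites) for tag, sites in groups.items() if len(sites) > 1}

# Constructed sample export; the column names are an assumption.
SAMPLE_EXPORT = """site,username,password
mail.example.com,alice,Summer2010!
social.example.net,alice,Summer2010!
bank.example.org,alice,x9#Tq2LmPz-4vRb7
forum.example.com,alice2,Summer2010!
"""

if __name__ == "__main__":
    for tag, sites in find_reuse(SAMPLE_EXPORT).items():
        print(f"password {tag} is reused on: {', '.join(sites)}")
    print(generate_password(), f"(~{entropy_bits(20):.0f} bits)")
```

Every site listed under one fingerprint falls together if any one of them is breached, so those are the accounts to move to generated passwords first. Delete the plaintext export once you have the report.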
