With millions of passwords stolen from LinkedIn, eHarmony and Lastfm.com in the past few weeks, it is a good idea to re-think your password strategy. It should certainly make it clear that re-using one or even several passwords across many web sites can be dangerous. But creating and remembering individual passwords for the ever-growing collection of web sites that comprise our digital lives can be daunting. What should you do?


The Microsoft Management Console provides plugins for managing many aspects of Active Directory, including user accounts. The Active Directory Users and Computers MMC plugin allows you to view and manage user accounts, but there are some things you cannot discover, such as last logon time or when a user’s password will expire (if at all). Password expiration can be particularly vexing for road warriors or those who use non-Windows platforms but still rely on ADS for authentication to numerous corporate resources. Windows users have two possible means of being warned, and non-Windows users are just out of luck!

All of us have credentials for a variety of web sites and e-mail accounts, not to mention other sensitive personal information. Passwords alone can multiply like rabbits if you are careful not to reuse them (which is strongly advised). The temptation to record passwords, and other sensitive information, in an insecure fashion is strong. The proverbial sticky note under the keyboard is only one example. But what should you do?

Most operating systems have a time-tested method for fighting brute-force password attacks, but it has a downside. A threshold on the number of failed attempts within some amount of time triggers a password lockout for another amount of time. If the settings are too lax, you risk giving an attacker enough chances to guess a correct password. If your settings are too tight, they can put extra load on your support desk, or worse. Many applications do not have access to these operating system controls, though.