The old adage is: “security through obscurity is no security at all“.
So do we utilise:
- secure password management
- or insecure?
Here’s my take.
Go secure where you have to and don’t where you don’t have to.
Let me explain a bit more.
If I’m doing something that will reveal more than just cursory information about me then I go secure. If not revealing anything other than my name, location and interests then I don’t. Here’s my take – if it’s my online bank account; a shopping site; email; or similar then I go secure.
If it’s a forum that doesn’t require me to divulge all my personal info then I tend to use the same password (but still a strong password) and user id combination where possible – though even that I’m changing. And when I say require then I don’t provide all the asked for info – date of birth for example. Why would a forum really need to know that? But a nefarious character might … what it comes down to is common sense. If a forum insists on something I consider inappropriate then I always use the same basic but incorrect details – such as Jan 1st 1990 for my birthday.
As to secure – well I always try to go as secure as the particular site will allow me to do so. So if they accept 24 character passwords with all the bells then guess what I’m using?