Back in 2006, I was 26 years old. My long-time friend Matthew, and his friends, Vada and Joe, and I worked hard to kick-start an “Internet Startup” here in Silicon Valley. We would come out of investor and lawyer meetings and comment on the tendency for how people over 35 “just didn’t get it”. They didn’t understand what we were trying to accomplish. Twitter, Facebook and MySpace were all the rage, and these guys couldn’t understand the whole point of status updates.
I take password security very seriously. I’ve already written about how people can improve their password habits to keep themselves safe. This piece, however, is for those of you who build websites which provide password-related functionality. This is a list of password crimes that some websites commit. I’ve described these crimes, then point out some criminals (a.k.a., websites) which commit these crimes.
(This list is not guaranteed to continue to be up-to-date. This post represents a snapshot in time, and is accurate as of early June 2014 when the first draft of this post was written.
I’ve been paying quite a bit of attention to the story of Edward Snowden — the former CIA contractor who leaked classified information to the American public about how the government is spying on us through acronym-laden programs known as “PRISM” and “MUSCULAR”. Allow me to be your tour guide as we uncover just a few of the ways in which the NSA has broken the law and spied on American citizens.
Foreign Intelligence Surveillance Act (1978) It all started in 1978 with the passage of FISA:
I learned at a relatively young age what makes a good password versus a bad password, and I’ve tried to always use these qualities in the passwords that I choose. The Problem Unfortunately, even with the best intentions, you inevitably end up re-using one or a few passwords across every single website you log into. Some people do things as dumb as using the name of their significant other. Or their pet. Or a birthdate. Or something else equally guessable by one of the many supercomputers that exist (whereby “supercomputer”, I mean pretty much any computer invented in the past 5–7 years).