Re: Dear Linkedin,

[Paul Graydon <paul () paulgraydon co uk>]

On 06/08/2012 09:48 AM, Michael Thomas wrote:
> Linkedin has a blog post that ends with this sage advice:
>
>  * Make sure you update your password on LinkedIn (and any site that 
> you visit on the Web) at least once every few months.
>
> I have accounts at probably 100's of sites. Am I to understand that I 
> am supposed to remember
> each one of them and dutifully update them every month or two?
>
>  * Do not use the same password for multiple sites or accounts.
>
> So the implication is that I have 100's of passwords all unique and 
> that I must
> change every one of them to be something new and unique every few months.
> And remember each of them. And not write them down.
>
>  * Create a strong password for your account, one that includes 
> letters, numbers, and other characters.
>
> And that each of those passwords needs to be really hard to guess that 
> I change to every
> few months on 100's of web sites.
>
> I'm sorry, my brain doesn't hold that many passwords. Unless you're a 
> savant, neither does
> yours. So what you're telling me and the rest of the world is impossible.
>
> What's most pathetic about this is that somebody actually believes 
> that we all really
> deserve this finger wagging.
Use a password safe.  Simple.  Most of them even include secure password 
generators.  That way you only have one password to remember stored in a 
location you have control over (and is encrypted), and you get to adopt 
secure practices with websites.

The only real inconvenience might be having to log into each of whatever 
sites it is you're concerned about and changing the password on them.

Paul