The Experiment
I pretty much use the same password for all of my non-essential accounts. Why? Because I really don't care if somebody breaks into my Pandora account and creates a Taylor Swift radio station, or posts as me on some obscure forum I used once; if I have no personal information on a website, it gets my universal password.The other day I signed up for a mailing list, and was a little upset when I saw my universal password sent back to me in plaintext along with my username in an email. It's a poor practice that is definitely among my security pet peeves. So, I decided to try a little experiment: search for my password in my emails. I found nearly 20 offenders, which actually is less than I was expecting, but still 20 too many. A repeat offender was the GNU Mailman, meaning several mailing lists sent me my password in plaintext.
Try it with your passwords, see what shows up. Could be frightening.
What's wrong with this practice?
Firstly, I'm sure many people reuse those passwords with important accounts—and just because I don't reuse mine on non-important accounts doesn't mean I'd like somebody to break into all of them. There are many ways an attacker could find this email. Some of them might include:- sniffing unencrypted network traffic
- sidejacking your email account
- reading it over your shoulder
Once figuring out your password, the attacker would procede to try it on other websites you use and gain access to those accounts.
What can one do?
For starters, you could use different passwords for every site, which would quickly get out of control. A possible solution is to use some sort of password management software such as 1Password or Password Safe. But then the issue becomes portability—it becomes more difficult to access accounts from another machine when you had software generate and remember your passwords for you.Another cool solution to passwords I ran into the other day is PwdHash by some Stanford students. It provides a way to transparently create domain specific passwords. It's pretty neat, check it out.
Unfortunately, such solutions do not solve the problem; having unique passwords on every website doesn't matter much if they are all emailed back to you. Sure it will make it so that an attacker can only get into one account per password, but they can still get in—which is kind of what a password is supposed to prevent in the first place. I don't need anyone to facilitate the breaking of my password, thank you very much.
So, because of poor design on part of some developers, you are vulnerable. Thanks, a lot. Worst of all you never know who will expose your password, and who won't. Although I can guarantee you one thing: Mailman will.
No comments:
Post a Comment