Bertram's Blog

A couple of days ago, I got a security alert email from Google with a list of my duplicate passwords as well as those that were weak. This includes most of the sites I’d signed up for over the years. I suppose it really does behoove me to delete any site I have no more use for, and to update passwords. How kind of Google to send me a list of all those sites as well as the passwords!

I do have two concerns. If Google is privy to all our passwords, does it really matter what the passwords are? Even if they are unbreakable, they are obviously searchable if one has access to the Google cloud or wherever it is they store all their information.

The other thing is that once I have all those unbreakable passwords, they have to be stored somewhere because there is no way they can be stored in my memory — my brain memory, that is. That means they need to be stored on the computer so I can easily copy and paste as needed, which means that all those passwords are doubly vulnerable.

They’d eventually all be stored in my browser, which makes it simpler for me, but makes the sites more vulnerable. Even so, I’d still need a master copy of all the passwords because glitches do happen.

Despite my lack of concern, I did spend some time today with an online random password generator, which means that now there might be a fourth place where my passwords would be stored — on the generator site. Obviously, if they did store the passwords, it’s not that big of a deal since they wouldn’t know what site the password would open. And anyway, that part is easy enough to fix — just change a letter or a symbol. (This is an example of the passwords that were generated: eHLq-B9W. See what I mean about never being able to remember it? They did give a helpful memory hint, but I’d never be able to remember that either: egg HULU LAPTOP queen – BESTBUY 9 WALMART. Sheesh.)

I’m not sure what anyone would gain by breaking into any of my sites. Any online ordering I do is through an account that I keep empty until needed, so there is no way anyone can clear out what little money I have. Only two sites have my social security number (well, any number of sites would have it because the IRS and other government bodies have online sites, but those sites are not under my control, so I’m not going to worry about it). One of my sites already has a strong password, and the other will have one soon.

Other than that, despite my once active presence online, there really is not a lot of my personal information out there.

Apparently, though, stealing personal information is not the only reason sites get hacked. They use the hacked sites for phishing schemes, generating spam, installing malware, and a host of other not-so-nice activities. (At first, when Facebook blocked my blog for being spam, I thought it might have been infected, but if so, Google would have put a warning on the search result as they did once when a bit of code got mistakenly inserted into one of my posts.)

I’d started this article by thinking I’d ignore the password situation and stick with what I have (on the assumption that if it isn’t broken, don’t fix it), but now that I’ve looked further into the matter, I see that it would be a good idea to better secure my sites.

I’ll do it first thing tomorrow.

Or the next day.

Or maybe the day after that . . .

***

What if God decided S/He didn’t like how the world turned out, and turned it over to a development company from the planet Xerxes for re-creation? Would you survive? Could you survive?

A fun book for not-so-fun times.

Click here to buy Bob, The Right Hand of God.