Passwords are past it – are certificates the key to better online security?

When the impact of the OpenSSL Heartbleed vulnerability (along with many other recent compromises) became clear, security experts advised us to change all of our online passwords as a precaution.

Of course this is a Good Idea™, but did you actually do it, or was it just another of those pieces of advice about passwords that you thought about and then chose to ignore because it seemed like a massive hassle? Did you promise yourself that you would get around to it at some point, even though you probably never will, despite an uncomfortable nagging feeling of insecurity at the back of your head?


My Personal Password Policy (PPP)


Remembering passwords is a hassle!  We all know the things that we are supposed to do but we are all human beings (aren’t we?) and it’s almost impossible (and certainly very impractical) to set strong, unique, and memorable passwords for each and every account we have.

I’ve come up with a policy about how I deal with my passwords.  My love of TLAs means that I have decided to call it my PPP or Personal Password Policy.  I’m quite proud of it tbh (the acronym too) and I hope that you find it useful and/or interesting.

Note: I use the word “cracker” where most people would use the more familiar word “hacker”. Read more about why I do this.
