In 2009, I had a few ideas that I wanted to get out into the world, and I wrote up a few of them for this site. I then took a break for a variety of reasons. One reason is that the next planned article turned into a lengthy research project on password security.
For a while I decided that you can’t do password security without putting it into the context of all computer security. After learning a bit about computer security, I returned to passwords, because for the average Joe it is often the weakest link in security while actually being the easiest to correct.
It is hard to write well about password security because it’s a complex topic with various trade-offs, such as security versus usability, and complete versus brief explanations. It’s also preferable for people to become more “net wise” as they read through the material, as opposed to memorizing a bunch of rules they don’t understand.
I believe the following series on password management reasonably navigates these constraints, tying together little bits of good advice that is scattered all over the net. It is targeted at home users, but IT professionals may find some of it useful as educational material for users.
I consider the password series a work in process, so I will greatly appreciate any and all suggestions for improvement.
The introductory post which also services as an index to the entire series is: