Recently I have become more concerned about web security, especially as it pertains to usernames, passwords, and mobile phone access. The recent security breach at Epsilon exposed the names and email addresses of millions of people who have connections with retailers that use Epsilon's marketing tools like rewards cards. Some of the companies are well known:
Tivo
Best Buy
Walgreens
Target
JP Morgan
and others
In October 2010, it was reported that many apps on Facebook, including Farmville and other popular applications had used customer data inappropriately. The application developers violated Facebook's privacy rules, but that is of little consolation to the user who has no way to fight back. Once the information is sold to third parties it can't be brought back.
I wanted to develop a secure password system after I built a new computer last fall. I had been using the password keeper on my blackberry device but it was difficult to sync and worried about the device malfunctioning. I found Callpod's Keeper password protection software for android, the cloud, and desktop computer. I could enter my passwords in the phone app, which was protected by a master password, and then sync it via wifi with desktop software. For an added cost I could also sync my passwords with the cloud service.
But then I was wondering how trustworthy these application developers are. How do I know that when they provide me with password protection service in the form of an application they are not harvesting my data during updates? How do I know the cloud service is secure?
To start my new password system, I cleared caches and browsing history on my mobile devices, deleted the password keeper application, and changed the password on my Google account and set up a 2-step verification system. I am still figuring out how I can safely and conveniently store my list of passwords. Ideally I would like to be able to access them from my mobile device as well as my home computer. The key is to have them safe and in two places. If anyone has ideas about how to keep passwords secure I would appreciate the feedback.
No comments:
Post a Comment