Cloud Password Security Pragmatism versus Paranoia

Cloud Password Security

I just read an interesting article about Cloud Password Security in regards to the popular LastPass software. The comment section, as it often does, inspired me to write a blog about what’s going on and why I like to consider myself a pragmatic person.

The problem is simple enough. Creating a secure password is a bit of a pain and keeping track of all your passwords is even more difficult. Thus, cloud password security programs began to sprout up. They store your passwords online in an encrypted format and allow you to access your online sites without actually risking hacking.

What Happens when the Cloud Password Security Software is Hacked?

This is the focus of the article and what generated so much debate in the comments section. It’s fairly self-evident a storage silo for secure passwords is going to attract the attention of hackers. Why spend all that time getting my password when a hacking group can access millions all at once?

Lots of people chimed in with immediate and visceral responses. No way was he or she going to trust some cloud-based password system. In many cases the commenter listed local password security as a better solution. Generate your own secure passwords, store them locally in an encrypted way. That way you don’t put your passwords in a big old pile with a million others.

Pragmatisms versus Paranoia

The thing to understand about the various commenters lashing out against cloud password security is they have a point. The suggestion of storing all your passwords locally and encrypted is marginally more secure than using an online vendor.

The problem is, of course, the vast majority of people don’t want to or are technically incapable of doing so. With online cloud password security your passwords are automatically generated and put into sites you visit, bypassing the need for you to type them in manually. For many people, this alone is reason enough to use such services.

The real problem against using locally stored and encrypted passwords is much more pragmatic. A large majority of people simply do not create secure passwords and tend to reuse the same password over and over, perhaps with a number added to the end. Many people write down a list somewhere which means even a casual visitor or repair technician can get them easily enough. One of your kids’ friends. More people are in your house than you realize.

This means for the most internet users, their information is serious danger of being hacked. Your bank information. Your photos of loved ones. Everything.

My Personal Experience

It’s frankly impossible to remember all your passwords so you’re going to have to store them somehow. Over the years, several websites to which I belonged years ago informed me that they’d been hacked. That my password information for that site was now in the hands of the hackers. No problem for me, I never reuse passwords, but a huge problem for the majority of people.

Conclusion

I actually use a locally stored and encrypted system so you’d think I’d recommend that solution for everyone. I don’t. It’s just not realistic. I’m a pragmatist. I know the system I use for myself just isn’t going to work for many other people. What’s good for me isn’t good for everyone. That’s an important little life lesson all by itself but I won’t elaborate.

Please, for your own financial security, purchase a monthly subscription to a cloud password security service. You’ll hear horror stories about it being unsafe but don’t listen. It’s safer for the vast majority of people and that means you.

Tom Liberman

Kicked out of Universal Studios for T-Shirt – Rightly so!

Offensive T-shirtThere is another one of those offensive t-shirt stories in the news today and this time I’m with the kickers out and not with the t-shirt wearer. Once we get past the attention grabbing headlines and read the whole story we start to hear both sides of the issue.

What was the offensive slogan? Police: Street Crime Unit

There might be more to this than I’m reading into it and if future revelations prove my original thoughts to be wrong I’ll be happy to rethink my position, as I’ve done before.

Essentially a family was in the Universal Studios theme park in Orlando, Florida and security asked them to leave because of the offending t-shirt. The story goes to great lengths to portray the family as the victims starting with the lead paragraph in which it is declared they were at the park for the sixteenth birthday party of the family daughter.

The family claims they asked to see the policy that referenced the shirt and were refused. They also claim they offered to purchase a different shirt at the nearby clothing store but were not allowed to do so. They were “terrified” at the threat of being arrested by security.

First off, it’s a good policy that Universal has. People who are not official security officers should not be wearing clothes that indicate they are such. In this case the man is not even a police officer; he was supposedly given the shirt by his brother. It’s incredible stupid and potentially dangerous to wear such a shirt at a public event at which you are not a security officer, even if you are a police officer in your day job!

A Universal spokesperson is quoted, near the end of the story, as saying that it is their practice to clearly explain policy decisions with the public. The spokesman welcomed a discussion with the family over events.

In other words, they’ve got multiple witnesses as to what occurred and likely some video footage as well.

In the meantime the family is squawking to every news outlet they can find. The park was kind enough to refund them the money they spent to see a show which they were prevented from attending.

If you haven’t guessed, I’m on the side of Universal in this one. Mistakes can happen but reasonable people generally find reasonable solutions. It almost always takes at least one belligerent party to cause events to spiral out of control. If I had my guess I’m pretty sure I know who was reasonable and who was not in this situation.

I think a casual look at my blog posts will show that I’m not always on the side of security officers and government agencies. There are situations where police officers act like bullies, where security far overstep their bounds (one of my friends was just involved in such an incident). However, when in doubt I generally side with security officials. In this case I’m not even in doubt. Maybe I’m wrong but I don’t think so.

Good on you, Universal. Maybe I’ll take my next vacation at your park, I like the way you do business.

What do you think?

Tom Liberman
Sword and Sorcery fantasy with a Libertarian Ideology
Current Release: The Sword of Water ($2.99 and worth all 299 pennies!)
Upcoming Release: The Spear of the Hunt