On an almost daily base I see the most basic security breached or ignored. I am not talking about sophisticated security and access controls that more and more companies provide, but about personal user security.
- Where one store id’s and passwords ? Either you use always the same password since years or you write them down in your diary or (paper)notebook, in a textfile or stick them on stickies beside the screen. No need to ellaborate on the potential problems here.
- You carry your documents (your companies ?) or sourcecode around on a portable USB harddisk or USB Stick. Ever thought what happens if you loose it. I dont mention the people who dont even make backups of the same devices. You loose it, you have 2 problems, right ?
My recommendation for today:
- Use an device-encrypting programm like TrueCrypt (link). It encrypt on the fly and even comes with bogus drives in case you are forced to reveal the passwword.
- Use a passwordsafe like KeePass (link). One encrypted password database for all your id’s and passwords. Just make sure you have one very good master password !
Both products use a variation of standard encryption algorithm and are opensource.