♫ Password, please use the password
It opens the door to my heart…♫
Password, recorded by Kitty Wells.
The writer spoke yesterday at the Privacy and Access 20/20: A New Vision for Information Rights‘ workshop on Legal Ethics dealing with issues of privacy, security and technology for lawyers and their clients. The writer spoke along with Dr. Benjamin Goold, Associate Professor of Law and Associate Dean Academic Affairs, University of British Columbia and Tamara Hunter, Associate Counsel and Head of the Davis LLP Privacy Law Compliance Group.
This workshop was part of the pre-conference sessions and was a two-hour practice management and ethics seminar from a privacy law perspective. We addressed such issues as the use of technologies such as cloud computing by lawyers, and information security considerations including encryption, adequate passwords and mobile devices.
We dealt with a whole range of matters including the Law Society of British Columbia’s Cloud Computing Checklist and other other issues such as maintaining strong passwords.
I thought I would post on how lawyers can maintain strong passwords and not cause themselves grief in trying to remember complex series of upper, lowercase and symbols to craft strong passwords.
First, how do you create strong passwords? I use the Perfect Password generator on Steve Gibson’s website www.grc.com. Steve states that “Every time this page is displayed, our server generates a unique set of custom, high quality, cryptographic-strength password strings which are safe for you to use.” You can read the techy details of how the passwords are generated and why Steve states that they are safe on his password web page. Suffice it to say that Steve has a long history of protecting client information and system security.
OK so you have a 63 character random password that is highly secure. How can you possibly remember this? For one, *don’t* put it into an Excel spreadsheet or Word document on your computer. Malware will scan for these and then you will have lost all your passwords if your computer is compromised.
Much better to use a proper password manager such as LastPass. It works on practically every platform:
It is easy to use and has received praise from C|Net, PCMagazine, LifeHacker and many others. Best of all you only need to remember one password – the one to open LastPass. You can then enter your long secure passwords into web forms with just one click.
There is a free version or a premium version for $12/year.
With so many lawyers entering data on the cloud (not to mention using banking and e-commerce sites and such) it is comforting to know that you are secure by using complex passwords and protecting them in a proper way.
So to ensure maximum privacy and security, please use strong passwords and a good password manager – and use them to open all sorts of electronic doors…
-David J. Bilinsky, Vancouver.