An interesting article titled “Online Security: How The Experts Keep Safe” from InformationWeek by Thomas Claburn.
In the 1976 thriller Marathon Man, Nazi war criminal Dr. Christian Szell tortures runner “Babe” Levy to find out whether it’s safe for him to retrieve diamonds stored in a bank deposit box.
“Is it safe?” Szell asks repeatedly. Levy, who doesn’t know, can’t provide a satisfactory answer.
It isn’t safe online, but many people try to achieve some measure of security by keeping their passwords safe in their heads.
Someone could beat you about the head, a technique euphemistically known as “rubber-hose cryptanalysis,” to obtain your secrets. It didn’t work in Marathon Man, but it can.
Fortunately, that’s not a scenario likely to concern most Internet users. But it demonstrates one of several vulnerabilities that come with trying to remember passwords. There’s another issue that may be more relevant: Memory doesn’t scale. Trying to remember multiple passwords, if they’re as complex as they should be, is a recipe for failure.
Google software engineer Iulia Ion, research scientist Rob Reeder, and user experience researcher Sunny Consolvo set out to explore the difference between security experts and the rest of us. They detailed their findings in the paper “Comparing Expert and Non-Expert Security Practices,” which they presented at last week’s Symposium on Usable Privacy and Security.