As a consultant, I am frequently receiving new passwords at clients and becoming aware of the password practices of others. One of the most shocking things I’ve come to discover is how loose people are with their passwords. At times, I am even included in this group.
Over the past two years, I’ve been attempting to improve my own habits with how I handle logons and passwords. Some of these changes are to protect myself from accidentally allowing somebody accidental access to the systems I am granted access to. And other habits are to
- Use a password generator to create unique logons. A couple sites I’ve used are here and here. It doesn’t necessarily matter where you get the password – just make sure it strong and has nothing to do with you.
- Do not use shared logons. The problem here is that someone else can logon and blame you for the things that they do. No one knows for certain who is doing what.
- If there is a shared logon that can’t be gotten away from – then change the password when people leave the organization or the engagement ends. Don’t leave an open door for curiosity and the disgruntled.
- Store your logons, passwords and any other information regarding the system in a secure location. I use KeePass and it has allowed me to “remember” more passwords without the fear that someone who obtains my laptop or reads my notepad can get into them.
Remember when people grant you access to their systems they are trusting you. Make certain your habits are worthy of that trust. As DBAs we are often the last line of defense in securing an organizations data.