Skip to main content

Visualize How Old Your Passwords Are in Firefox

A commonly recommended “good practice” for security is that we should change our passwords regularly. There is some debate regarding how frequently it should be. The period usually ranges from 14 days (a strict policy) to 90 days (a liberal one), while some security experts say 25 years should be fine. Technically, there is no point in changing your passwords unless your password is compromised or you have reasons to believe it may be compromised. Some systems, such as banks, force password change upon their users every few weeks. In addition to being annoying, such policies have a detrimental effect on security, according to one blogger.

The downside of changing passwords is that it makes them harder to remember. And if you force people to change their passwords regularly, they're more likely to choose easy-to-remember -- and easy-to-guess -- passwords than they are if they can use the same passwords for many years.

The primary reason to give a password an expiration date is to limit the amount of time a lost or stolen password can be used by someone else. If a hacker gets your password either by guessing or stealing it, he can access your network as long as your password is valid. If you update your password every 90 days, the most he can get is a quarter of a year’s worth of benefit out of it, assuming the attacker is a passive one who simply eavesdrop over time without alerting you that he's there. Practically, that doesn’t happen. An attacker who gets the password to your bank is going to empty out your bank account, and 14 days is more than enough time to do it.

Anyways, the purpose of this article is not to discuss the merits of changing password regularly but to bring to light a new tool released by Mozilla Labs.

password-age-visualizer

Password Age Visualizer is an add-on for Firefox using which you can see how long you've been using your passwords and which ones are due for a change. You'll see all of the passwords you use listed, with the ones over 200 days old highlighted in red. As you continue to change to new passwords and update your password manager, the bars will change back to blue.

Underneath each password is its age in days, and the bar that extends to the right represents how many days have passed since its first use. If the bar is red in color, that password is over 200 days old and should be changed. Additionally, each bar has black "ticks" on it, which represent a point in time that password was used on a new website. Hover over a tick to see the site's name.

The add-on works only if you use Firefox’s password manager to store your passwords. Since I don’t, I wasn’t able to test it. Personally, I prefer using a password generator that generates passwords on-the-fly based on a master password and the domain name of the website. That way I only have to remember one password and none of my bazillion passwords are written down or saved anywhere on my computer. I feel more secure that way.

Coming back to changing passwords, it’s far more important to choose a good password in the first place than to change it later.

Comments

  1. which password generator do you use?

    ReplyDelete
  2. My default browser is Opera, so I use an Opera password generator extension. Can't say if there is an equivalent extension for Firefox, but I will try to find out.

    ReplyDelete
  3. When I you have passwords comprised from 15 characters and/or passwords randomly generated such as: "jzAX5NArJeYUKRTRakEQ" I don't see why should I change the password ever!

    ReplyDelete
  4. What's important is the length and not the presence or absence of special characters.

    "ridiculouslylongpassword" is as strong as "zeU8EVo6gwmY8zGN+J3PUg6#" - both contains 24 characters and both will take nearly the same amount of time to crack.

    ReplyDelete

Post a Comment

Popular posts from this blog

How to Record CPU and Memory Usage Over Time in Windows?

Whenever the computer is lagging or some application is taking too long to respond, we usually fire up task manager and look under the Performance tab or under Processes to check on processor utilization or the amount of free memory available. The task manager is ideal for real-time analysis of CPU and memory utilization. It even displays a short history of CPU utilization in the form of a graph. You get a small time-window, about 30 seconds or so, depending on how large the viewing area is.

How to Schedule Changes to Your Facebook Page Cover Photo

Facebook’s current layout, the so called Timeline, features a prominent, large cover photo that some people are using in a lot of different creative ways. Timeline is also available for Facebook Pages that people can use to promote their website or business or event. Although you can change the cover photo as often as you like, it’s meant to be static – something which you design and leave it for at least a few weeks or months like a redesigned website. However, there are times when you may want to change the cover photo frequently and periodically to match event dates or some special promotion that you are running or plan to run. So, here is how you can do that.

69 alternatives to the default Facebook profile picture

If you have changed the default Facebook profile picture and uploaded your own, it’s fine. But if not, then why not replace that boring picture of the guy with a wisp of hair sticking out of his head with something different and funny?