I'm watching the scene unfold with Gawker media
, and thinking about the security of my personal identity. The security of our personal online identities has ALWAYS
been important, it just has a spotlight on it currently with Wikileaks and all the high profile DDOS and intrusive attacks in the last couple of weeks.
My first thought is how thankful I am I use a 3 tier username / password structure for all of my accounts. This means I have 3 different sets of username / passwords I use:
- 3rd Party Accounts - These are all external 3rd party services I use.
- External / Public Facing Accounts - These are accounts I host but have public facing logins, like Wordpress, etc.
- Financial Accounts - These are online banking, credit card, and load type accounts. Any account I have attached to $$$$.
I have commented on Lifehacker, a Gawker Media property. So my username / login identity for 3rd party accounts might be compromised. I run down my personal list of 3rd party accounts and change these. But my other 2 tiers are not compromised. This is a benefit of having a strategy for my personal account management
My second thought is around OpenID. I have started using my Twitter OpenID
to login to many 3rd party services. This keeps my accounts centralized. 3rd party services NEVER have access to my username / password. Gawker media would never have my login information that I potentially use at other third party services.
I can't be sure I've always used my Twitter account to authenticate across any one the Gawker real estate:
So I need to go to ALL my third party accounts and change my passwords. What a pain!!
Maybe the time is ripe for everyone to take another look at OpenID
and NOT signing up for service that don't give you an OpenID option for using their service?