ReadWriteEnterprise

There's been a bit of a firestorm lately over employers seeking Facebook passwords. Despite the outrage, employers occasionally have a legitimate need for access to documents in their employees' social network and online service accounts. Cernam, a company that specializes in digital investigations, is looking to help employers dive into employees accounts without abusing the privacy of employees.

As I mentioned recently, I had a feeling there'd be a business in providing this sort of access to employee accounts. But I wasn't thinking along the lines of forensic searches.

The conventional wisdom seems to be that passphrases are much more secure than passwords, even if the password is complex. Passphrases are likely to be more secure than passwords, but not as secure as many seem to think. Some preliminary work on the topic by Joseph Bonneau and Ekaterina Shutova suggests that optimism about the security of passphrases needs to be tempered by the fact that users are more likely to choose phrases from common language rather than random phrases.

What makes a great password may not be its complexity but how many words you want to string in a row.

Passwords get hacked in five basic ways, writes Thomas Baekdal in a blog post on the topic: