Riaan GouwsA posting last week on Google’s blog: Helping passwords better protect you only partially addresses the issue. Although there is some good (and obvious) advice about using different passwords to different sites and making your password hard to guess, Google is putting the onus of responsibility on the consumer who is already inundated with multiple passwords to remember. Furthermore, the blog posting misses some pretty standard advice that you will find on this blog as well as others.
If google wants to get serious about password protection, then they need to address the elephant in the room: two-factor authentication or 2FA. Otherwise, posting high level advice on a blog that almost nobody reads is not going to move the dial in the war against hackers.
If you don’t get a chance to read the whole blog posting, here are the main points:
1. Use a different password for each important service
2. Make your password hard to guess
3. Keep your password somewhere safe
4. Set a recovery option
HACK FREE ZONE - SMB RESOURCES 