4 min read
When Passwords Fail - A Personal Story
Sometimes married couples see things differently and the only way to resolve the tension is by finally deciding to agree to disagree. That’s how...
We've crafted solutions tailored to your firm
The world of insurance for law firms can be confusing, and difficult to navigate. We've created this glossary because these common insurance terms should be easy to understand.
1 min read
Mark Bassingthwaighte, Risk Manager : Jan 18, 2018 12:00:00 AM
I have given a number of presentations on the general topic of cybersecurity that always include a discussion of password best practices. You know the spiel. Passwords are to be long and difficult to guess, different for every account or device, never reused, etc. Obviously, this can be a challenge. In fact, I’ll share, between my wife and I, we have over 250 different passwords we need to keep track of in our personal and professional lives. This is when the hands start to go up and it’s the same question every time. “How in the world do you keep track of all those passwords?” While there are several ways to do it, my answer always includes encouraging the use of a password manager. Of course, the next question is either, “What the heck is that?” or “Are those things safe to use?”
At the most basic level, password managers are software applications that allow you to conveniently store and manage all of your passwords. The data is encrypted and can only be accessed after you have entered a master password. Yes, you still need to remember a long difficult to guess master password; but having to remember just one is far easier than 250. Just don’t write it on a sticky note and place that on the side of your computer screen. You really must commit it to memory or store it in some other secure manner.
For me, the more interesting question is always the one about whether or not password managers safe to use because, in my experience, this is the concern that becomes the excuse to not make a change. At the outset, I would hope the use of a password manager would be viewed as far more secure than simply writing things down on a piece of paper or on sticky notes that are left lying around. Further, given the robust encryption in use, these applications are also going to be more secure than keeping a list of passwords in an Excel or Word file. But here’s the real value as I see it. The use of a password manager is going to be far more secure than picking weak passwords, not changing passwords and re-using old passwords, which is what so many do by default. Password managers are simply about making it easy to follow through with password best practices, which can go a long way in preventing a cybercrime.
Since 1998, Mark Bassingthwaighte, Esq. has been a Risk Manager with ALPS, an attorney’s professional liability insurance carrier. In his tenure with the company, Mr. Bassingthwaighte has conducted over 1200 law firm risk management assessment visits, presented over 600 continuing legal education seminars throughout the United States, and written extensively on risk management, ethics, and technology. Mr. Bassingthwaighte is a member of the State Bar of Montana as well as the American Bar Association where he currently sits on the ABA Center for Professional Responsibility’s Conference Planning Committee. He received his J.D. from Drake University Law School.
4 min read
Sometimes married couples see things differently and the only way to resolve the tension is by finally deciding to agree to disagree. That’s how...
4 min read
(Updated May 19, 2023) The days when an attorney could send an unencrypted email without worry, remain blissfully ignorant about encrypting a...
After having consulted with over twelve hundred law firms over the years, trust me when I say that more than a few small law firms around the country...