Personal Password Management Survey

My next computer security video will cover personal password management. In anticipation of that I decided to do an anonymous survey to see how folks manage their passwords. I don't claim that it's statistically accurate or that it reveals anything conclusive. It's a sampling of people from Facebook, Twitter, and work.

49 people from all over the place took the survey.

When asked to rate themselves on their management of passwords:
6% said less than OK
49% said OK
45% said better than OK

When asked about their approach to using passwords:
57% said they use a different password for each class of service (one for commerce, one for banking, one for social services, etc.).
24% said they use a unique password for each service.
19% said they use the same password for everything.

Automated backups of MySQL databases

Unless you have intelligent backup software that can do something smart to back up your databases, restoring a backup of a running MySQL server is like restarting your database after a hard system crash: it's a crapshoot. Since I don't have any fancy backup software that can help, I decided to use mysqldump to create a snapshot of my database server and write it out to a compressed SQL file. Then my (dumb) backup software can continue to be used and I will be able to recover easily if my server dies.

Here's the quick and dirty script:

# This script automates a call to mysqldump
# and sends the output to a file in a backup
# directory. The script is set up to keep
# seven days of history.
# Before you can run this script you must
# set up a MySQL user that can perform the
# backup. This user must have permission to
# SELECT and LOCK TABLES. The user should not
# be permitted to access MySQL in any way other
# than through the local socket. Here's how the
# user should be created:
# GRANT SELECT,LOCK TABLES ON *.* TO 'SomeUser'@'localhost' IDENTIFIED BY 'SomePassword';
# This script should be owned by root and only
# root should be able to read, write, and
# execute it. (i.e., chmod 700)
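
The header above describes a mysqldump snapshot with seven days of history; the following is an added example of one way to implement that, not the original post's script. The backup directory, the file-name pattern, and the use of a root-only credentials file (a [client] section holding the backup user's name and password) instead of a password inside the script are assumptions.

```shell
#!/bin/sh
# Added example, not the original script. Paths and names are assumptions.
BACKUP_DIR=${BACKUP_DIR:-/var/backups/mysql}      # hypothetical directory
CRED_FILE=${CRED_FILE:-/root/.mysql-backup.cnf}   # hypothetical, chmod 600
KEEP=${KEEP:-7}                                   # days of history to keep

# Delete the oldest dumps in directory $1 until only $2 remain.
# File names embed YYYY-MM-DD, so the sorted glob lists the oldest first.
prune_old() {
    dir=$1
    keep=$2
    set -- "$dir"/mysql-*.sql.gz
    [ -e "$1" ] || return 0           # glob matched nothing
    while [ "$#" -gt "$keep" ]; do
        rm -f -- "$1"
        shift
    done
}

run_backup() {
    umask 077                         # dump files readable by owner only
    stamp=$(date +%Y-%m-%d)
    tmp="$BACKUP_DIR/.partial-$stamp.sql"
    out="$BACKUP_DIR/mysql-$stamp.sql.gz"
    # --defaults-extra-file must be the first option. It keeps the
    # password out of the process list and out of this script.
    if mysqldump --defaults-extra-file="$CRED_FILE" \
            --opt --all-databases > "$tmp" \
        && gzip -f "$tmp" && mv "$tmp.gz" "$out"; then
        # Prune only after a good dump, so a failing server never
        # rotates away the last usable backup.
        prune_old "$BACKUP_DIR" "$KEEP"
    else
        rm -f "$tmp" "$tmp.gz"
        echo "mysqldump failed; existing dumps left untouched" >&2
        return 1
    fi
}

# Intended to be run from cron as: <script> --run
if [ "${1:-}" = "--run" ]; then
    run_backup
fi
```

The partial dump is written under a dot-prefixed name so an interrupted run is never counted as one of the seven good snapshots.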

Upgrading MySQL from version 3.23 to 5.0.x

I recently had to upgrade a moldy old MySQL database server from version 3.23 to 5.0.x. Instead of stepping from 3.23 to 4.0, then from 4.0 to 4.1, and finally from 4.1 to 5.0.x, I decided to use mysqldump.

I ran the following command on the old database server:
/path/to/mysqldump -u root -p -h --opt --all-databases > bigdump.sql

Then all I had to do was move the bigdump.sql file over to the new server and run the following command:
/path/to/mysql -u root -p -h < bigdump.sql

Now all that is necessary is to flush the privileges so that users can access the databases. I logged into MySQL:
/path/to/mysql -u root -p -h mysql

Estimated Relative Impact on Resources

Problem: It is difficult to prioritize projects without some concept of the relative impact each one will have on the group doing (or commissioning) the work. For instance, if I have three projects and one is huge while two are small, is it reasonable to think that the two small ones could be completed in parallel, assuming there are no dependency or resource contention issues?

Checkwashing Countermeasure... A Pen!

In less than four minutes a crook can steal your check, selectively erase your writing, and make the check out to himself for any amount. That's checkwashing and it's preventable.

Most pens use dye, not pigmented ink. The uni-ball® 207™ uses ink with certain color pigments that bond with the paper fibers in checks making it very hard to "wash" the ink off. This pen, and others like it, could be a simple defense against the threat of checkwashing, which is simple and fast to do. The use of a pen like this, combined with the habit of properly filling in all the blanks on each check, and routine audits of bank statements will help you defend against checkwashing.