It reminded me of Mel Gibson’s immortal line in the film, Braveheart: “They may take our lives, but they will never take our freedom.” Freedom was the most important thing to the Scots, more important and more valuable than their lives. So why are we keeping our driver settings more secure than our digital lives: our social networks, our email and our online banking?
With the proliferation of cloud based services, having a secure way to log in to these different services will become one of the most critical aspects of our computing lives. There is little that can be done if someone steals your laptop after you have already authenticated, but xkcd’s cartoon does highlight a security hole, albeit a small one from my perspective.
If you are practising basic security, you should always lock your computer if you will be away from it. There are things that can be done on the network admin side to block access to corporate resources, but this would not block the access to personal sites like Gmail.
Identity is also now being shared across multiple sites. For example, you can use your Facebook login to access other sites, negating the need for multiple accounts. This consolidation of identity can be convenient, but can also have disastrous consequences if someone is able to steal your login credentials. This is why we advocate stronger forms of authentication. For sites where two-factor authentication is available, you should enable it. For site where it is not… you should demand it.
Convenience is often overlooked at the expense of security – we all want freedom online. But surely the most important thing is the security to be free? (shameless company plug… my apologies!)