Law firms spend a lot of time, energy and money trying to create a secure environment, both physically and digitally, for their clients’ confidential information. Disciplinary bodies, such as the North Carolina State Bar, spend gobs of time sorting out the ethical implications of cloud computing and software-as-a-service for lawyers.
Then along comes an article like this.
PCMag.com ran a story – and a story on this theme pops up once a year or so – noting that the number one most used password employed by business users is “Password1”. I can’t imagine that law firm users are appreciably different from other business users when it comes to choosing passwords. In other words, while law firm IT folks and managing partners wring their hands about which level 5 data center is secure enough to serve as the digital fortress for the firm’s client information, it’s entirely possible that the average user in the firm is using a password so common and obvious that it is akin to leaving the front gate open and the drawbridge down.
I’ve written about passwords in general and LastPass (my favorite password manager) in particular at TechnoLawyer.
If you decide not to use a password manager but want to beef up your password procedures in your office, search around for articles like this one from the New York Times a few years ago that detail how to create strong passwords.