Canada’s online legal magazine.

Search Results

Your search for “passwords” has returned the following results:

Lawyers Moving Past Passwords

Passwords have been around since the early days of mainframe computing. Believe it or not, passwords were not originally designed to prove identity. The betting money is that computer passwords first showed up at the Massachusetts Institute of Technology in the mid-1960s in order to track time when using a mainframe computer: The Compatible Time-Sharing System (CTSS).

Today, passwords are used to help authenticate the identity of the computer user. From a security perspective, the problem is that people use crummy passwords, forget them and even reuse them across multiple systems. At the end of the day, if someone has . . . [more]

Posted in: Legal Technology

Your Passwords S****

One of the most significant threats to client confidential and private information in law firms is bad passwords. Unless lawyers and paralegals are substantially different from the general public, we’re using the same bad practices when we create and re-use passwords as everyone else.

You’ve already heard all the suggestions on using better passwords, so I will leave that dead horse alone. In fact, I’ll suggest that you forget it. If you think you can create sufficient secure passwords for all of your offline and online accounts and devices, you’re a better person than me. The rest of us should . . . [more]

Posted in: Legal Technology

Protecting Yourself From Cybercrime Dangers: Lock Things Up by Using Passwords Properly

Cybercrime dangers are many, complex and ever-changing. Hardly a day goes by without another news report of a data breach or other cyber-related scam or theft. Cyber criminals have considerable resources and expertise, and can cause significant damage to their targets. Cyber criminals specifically target law firms as law firms regularly have funds in their trust accounts and client data that is often very valuable. This article, from the December 2013 issue of LAWPRO Magazine, reviews the specific cybercrime dangers law firms need to be concerned about, and how they can mitigate their risks.

Like the keys that start . . . [more]

Posted in: Technology

Privacy Not Protected by Short Passwords?

The Commission nationale de l’informatique et des libertés (CNIL – the French privacy authority) has recently found a company in breach of its duty to protect the personal information of its employees because the company used unduly short passwords that were too easy to guess and that were not changed often enough. (See the story on Le Village de la Justice)

According to the CNIL, the employer should have had a password policy that required longer passwords composed of letters, numbers and special characters, and that also required that the passwords be changed frequently.

It was not demonstrated that . . . [more]

Posted in: Substantive Law: Foreign Law, Technology: Office Technology, ulc_ecomm_list

May Receivers and Trustees Require Disclosure of Passwords to Do Their Work?

Since most information these days is generated, communicated and stored electronically, those who need access to a person’s information need access to the person’s information systems. That access may require a password and perhaps a means of decrypting the information. To what extent can the person with a legal right or even duty to access the information compel disclosure of these access methods?

In Ireland, a receiver is investigating the corporate and personal affairs of Sean Quinn in his dealings with the Bank of Ireland. The High Court of Ireland has ordered that several members of the Quinn family turn . . . [more]

Posted in: Substantive Law, ulc_ecomm_list

Demanding Social Media Passwords From Job Seekers Is Wrong

The issue of corporate or government employers asking for social media login ID’s and passwords for job seekers has reared its head again. See this CBC article entitled U.S. job seekers get asked for Facebook passwords. And see this article I wrote a year ago on the subject. This is wrong on so many levels that it is hard to believe anyone would ask for that. 

It is not unusual for employers to look at what job applicants are posting on publicly accessible areas of facebook and twitter. We can debate what influence that should have on the hiring . . . [more]

Posted in: Substantive Law

Beyond Passwords: Two Factor Authentication Comes to the Cloud

Over the last decade cloud computing vendors have invested heavily in making Software-as-a-Service secure as possible. Daily security audits, SSL-based encryption, and SAS 70 Type-II-certified data centers are now the norm, rather than the exception, and data stored in the cloud is now privileged to receive some of the best security technology can afford.

However, as with any security framework, cloud computing security is only as good as its weakest link, and in many circumstances the weakest link is the password used to access a web-based application. Passwords are often easier to guess than users think, and are all too . . . [more]

Posted in: Technology: Internet, Technology: Office Technology

How Secure Are Your Passwords?

The two things everyone using computers is supposed to do are: back up regularly and create difficult, changing passwords. The two things that nearly everyone using computers fails to do are: back up regularly and create difficult, changing passwords. Now, the business about backing up wouldn’t apply to computers used in law offices (would it?). But it’s not so clear that all firms and lawyers in those firms have got a good password policy in place.

We’ve talked about this on Slaw a couple of times recently. John Gregory asked whether a failure to set proper — i.e. complex — . . . [more]

Posted in: Practice of Law, Practice of Law: Practice Management, Technology

Privacy Expectations Despite Weak Passwords and File Sharing?

If one has a weak password for one’s web-based personal information, is it reasonable to conclude that one has a reduced expectation of privacy with respect to that information?

(Here’s an English list (from 2006) of the 10 most common password and a list of the 500 worst ones, from the point of view of security.)

If someone uses “password” as his or her password, should he or she really be able to claim some privacy interest in the information behind it?

What about file sharing? If one has files or folders or most of one’s computer accessible to . . . [more]

Posted in: Administration of Slaw, Practice of Law, Technology, ulc_ecomm_list

Passwords Passé

An article in yesterday’s New York Times, “Goodbye, Passwords. You Aren’t a Good Defense,” by Randall Stross, talks about the need for a new way of authenticating users at sites that require a login. Passwords, as we all know, can be cracked, stolen or simply guessed. The coming prodedure, it seems, involves “identity selectors.” These are applications that live on your computer and manage your “identity cards,” which in turn are, so far as I can tell, bits of code that “talk” to paired bits of code on sites you want to log in . . . [more]

Posted in: Technology

Monday’s Mix

Each Monday we present brief excerpts of recent posts from five of Canada’s award­-winning legal blogs chosen at random* from more than 80 recent Clawbie winners. In this way we hope to promote their work, with their permission, to as wide an audience as possible.

This week the randomly selected blogs are 1. Barry Sookman 2. ABlawg.ca 3. Rule of Law 4. Le Blogue du CRL 5. Meurrens on Immigration

Barry Sookman
Understanding subscription licenses, fair dealing and legal protection for TPMs in Canada: A critical commentary of the Blacklock’s Reporter Parks Canada decision

The Federal Court issued another troubling

. . . [more]
Posted in: Monday’s Mix

Monday’s Mix

Each Monday we present brief excerpts of recent posts from five of Canada’s award­-winning legal blogs chosen at random* from more than 80 recent Clawbie winners. In this way we hope to promote their work, with their permission, to as wide an audience as possible.

This week the randomly selected blogs are 1. All About Information 2. David Whelan 3. Barry Sookman 4. Avoid a Claim 5. Alcohol & Advocacy

All About Information
US court finds that visitors to health care provider web pages don’t leave a trail of their protected health information behind

On June 20, the U.S. District

. . . [more]
Posted in: Monday’s Mix