In November 2020, for the (until then) paid conference SQL Pass 2020, my colleague Avnish Rastogi and myself, presented the topic of how to migrate hundreds of SQL Server databases to Azure at scale.
We executed as Architects within of the Data Migration group at Microsoft, and worked in several engagements assessing multiple source databases and landing them into Azure. From the use cases, we compiled the steps, methodologies and services required to asses and migrate on-premises SQL Server instances to Azure Managed Instance. Leveraging PowerShell, we were able to automate and scale the migration of multiple databases.
It comes with no surprise to me that online database of passwords are being hacked. Last week Gawker Media got compromised and their password database stolen. Passwords were stored in an encrypted format but are still prone to dictionary attacks.
So how do I do it?
I use a different password for every account I create online. I combine uppercase, lowercase, numbers and non-alphabetical characters when possible.
How do I keep up with different passwords?
Well with so many passwords it is almost impossible for me to remember them. I use an excellent software: KeePass.
Do I create my own Passwords?
I do mostly. But lately I have let KeePass generate them for me.
How do I access my own password database from different places?
The easy way? Storing the password database on a USB thumb drive. Just make sure that the database has a strong password for accessing it.
The convenient way? Synchronizing to the cloud. I use DropBox for that matter. I can download from the website, or if feasible, install the DropBox and KeePass application on the local machine where I am working on.
KeePass Password Safe
What If I need to access the site using my SmartPhone?
No problem. I installed DropBox and KeePass for Android. Both Applications are available for pretty much all mobile platforms.
Is my smartphone saving passwords for websites?
Yes, for convenience, although it is a security concern.
What if my phone gets lost/stolen?
I installed Android Protector and the most sensitive applications require a PIN to access it. I have also installed Lookout for Android which allows me to backup sensitive data to the cloud, remote lock, remote locate and the best option, remote wipe.
Do I change my passwords?
Yes. Every 3 months at the most.
This is what I do for my passwords. How do you do it?