Here’s our latest Naked Security Live talk, where we talk about the difference between online “secrets” that aren’t really secret but were hidden away to be found as a bit of fun

…and genuine secrets, such as passwords and encryption keys, that get “hidden” away in apps or websites in the hope that they won’t be found and abused.

Hardwired passwords and encryption backdoors can never be considered secure, in much the same way that leaving your house key under the doormat isn’t secure.

Once someone figures out the “secret”, everyone knows it and anyone can abuse it:

[embedded content]

Watch directly on YouTube if the video won’t play here.
Click the Settings cog to speed up playback or show subtitles.

Don’t forget that these talks are streamed weekly on our Facebook page, where you can catch us live every Friday.

We’re normally on air some time between 18:00 and 19:00 in the UK (late morning/early afternoon in North America).

Just keep an eye on the @NakedSecurity Twitter feed or check our Facebook page on Fridays to find out the time we’ll be live.