Welcome to the first entry of our new blog on identity theft. No balloons, no ribbon cutting, no flock of white doves released into the sky. Anyone who knows me knows that I’ve been prattling on about security for more than a quarter of a century, and I thought now was the best time to use a forum most people are comfortable with to share some of what I’ve learned about security over those years. And maybe rant and rave a little about many of the continuing failures in security and who’s to blame.

Like my bank, who locked me out of my online accounts for the last three days because, without notifying me, decided that their new passcode system would not accept a mixture of upper and lower case letters in the same password. Despite the fact that for years the security industry has preached that mixing upper and lower case letters in the same password offered a major security advantage to consumers! With such blatant disregard for good security principles and practices, not to mention customer service, is it any wonder consumers get fed up with all the conflicting security messages they’re getting?

I hope to be able to use this blog clear up much of that confusion, by sharing what I’ve learned and by encouraging you to share what you’ve experienced. And if blame has to be dished out in the process, it may be the only way to get things fixed.

I’m also a big advocate for the role of personal security awareness and responsibility, and a vocal critic of the millions of consumers who still think they have no role to play in protecting themselves from identity theft. So if you fall into that category, be prepared to be chastised - and converted! I’ll also be following developments in technology, and highlighting new products and technologies I think will help in the fight against identity theft, and any products I think may be little more than snake oil.

I’ll be sharing with you the various precautions I take, and security solutions I use, that have helped me avoid any kind of security incident in 25 years. If I won’t use it myself then I won’t recommend it, and if I do use a particular tactic or technology, it’s only because I trust it.

And I’ll be keeping track of all the new legislative efforts designed to make guardians of our personal data more accountable, who’s not doing their job, and what privacy laws are not likely to make any real difference.

I’ll be here every day, checking your entries and adding more of my own, so stop by often and say what’s on your mind.