It’s probably old news to many of my technically-inclined readers, but I found this paper about “honeytokens” quite interesting. Basically a honeytoken is like a honeypot except that it’s a datum instead of a system. Some people might also have heard them referred to as tripwires or canaries, but the basic idea is the same: nobody should be interacting with it, so anybody who does is probably up to no good. I particularly like the idea of providing access-specific honeytokens, much like the old trick of distributing several versions of a confidential memo so you can tell who leaked it.