Everyone uses email and a lot of people use online banking. Both of these services make your life much more convenient: turn your computer on, get online and log on to the site with a password. Keep in mind that website is always on, it’s there waiting for you to access it. The only thing keeping your information safe is the password. Doesn’t it make sense to make it a strong one?
I bet there are at least 5 websites you visit that require a password. Most people, I hope your not one of them, use the same password for all of them because it’s easy to remember and convenient… This is the worst thing to do! Here’s why:
Every website with a login requires an email address or username. With most websites, the email address is the username. So if you use the same email address and password everywhere, its like creating a skeleton key that opens anything! All some one needs to do is get that key and they can access everything.
How do they get the key?
The number one cause is a weak password. There are programs that throw terms and numbers at logins. It happens all the time to AOL users… This is called a bruteforce or dictionary attack. The hacker hopes to gain access by using every possible combination of words available to them. The bruteforce attack is actually a slow process, however, since your account is online ALL THE TIME. The hacker has ALL THE TIME they need…
How do I protect my password?
- Protecting the password falls as much on your shoulders as it does on the shoulders of the company hosting your service. What you can do is help them help you! A password like basket might have cut it in the 90′s but not today. You need to add a level of complexity to the password.
- A number, no not 12345, is a good idea. The number can be a date, your waist size, whatever.
- Your password also needs a symbol. The @ is common so if you use that add another symbol like a dash (-) or underscore (_). Some sites do not like the underscore, shame on them!
- Capitalizing and having at least 6 characters helps too.
- With all of the above your basket password should now look like this: B@sket_36
- It still says basket and has an important number attached to it, therefore should be easy to remember.
- You should change your password on a regular basis. DO NOT keep it the same thing for a year or more!
- If you are creating an account for the first time, read what the site is telling you. Often there will be guidelines to follow and a nifty graphic that tells you how strong your password is. Look below for examples:
- Do not write your passwords down on a piece of paper unless the paper is stored in a safe or vault of some sort.
What if I have like 20 something websites to log into? I can’t remember all of the sites, can I?
That’s a tuffy. Although it’s not an end all, what I would recommend is to group your websites and use a password for each group. For example:
- Email – Password 1
- Social sites (Facebook, Twitter, etc) – Password 2
- Banking – Password 3
- Shopping – Password 4
What about RoboForm?
RoboForm is a cool program that makes filling out online forms and logins a snap. It’s very convenient. It’s convenience makes me worry. Any program can be hacked and with 32 million copies of RoboForm on the market, it is a big target for hackers. Just be careful! No one can hack your head, so if the passwords are there, you are safe.
Conclusion
Don’t be lazy, hackers and identity thieves count on you being lazy for their exploits. Remember: At least 6 characters, 2 symbols, important numbers and capitalization. If you suspect your password has been compromised, change it immediately. Computers are convenient, passwords should not be…
If you found this blog to not be comprehensive enough, head over to http://www.itl.nist.gov/fipspubs/app-e.htm for some incredibly dry reading about passwords. Consider yourself warned!
Rob, Thank you so much for password info. Appreciated.
Cheryl