Passwords
Crystal Coast Technologies, Inc.
According to recent studies, up to 7 million people per year
(yes, that is "million") are victims of identity theft in the
United States alone. That is more than 19,000 per day and nearly
800 per hour. Wow! While some feel that these figures may be
greatly inflated, they still are sobering. Regardless of the
actual number per year, we still need to protect ourselves from
this problem. Many, though not all, of the yearly victims become
so because they are not as careful with their sensitive data as
they should be. Carelessness is all a thief needs to make a
victim.
CCT
offers this article "Tips for Creating Good Passwords."
This will be the first article in the CCT Tip Series entitled "Protect your Data Online and in the Office". Please give
us your feedback. Feel free to leave comments and suggestions.
The chain of protection is only as strong as its weakest link.
Many times, the weakest link is a poor password. One of our
clients recently told me that at one time, every computer in
their office had a password of "password". Obviously, that
offered as much protection as a screen door on a submarine. A
password is the first step to safeguarding yourself and
protecting your sensitive data.
Password No-Nos
- Here are a few things to avoid when making your
password:
1. DO NOT include words that can be found in the
dictionary in any language. Believe it or not, there are
dictionaries for password cracking. They are filled with, not
only words and names, but also number and letter combinations,
such as 11111 and abc123. If your password is super simple, like
"champ" or "bigtime", it can easily be guessed.
2. DO NOT use only letters or only numbers.
3. DO NOT use names of spouses, children, girlfriends,
boyfriends or pets.
4. DO NOT use phone numbers, birthdates or, even worse,
your Social Security number.
5. DO NOT use the same word as your log-in, or any
variation of it.
6. DO NOT give out your password to friends or family
members (especially children) who could pass them on to other
less trustworthy individuals.
7. DO NOT store written passwords in your desk, under
your keyboard or, worst of all, on a bright, yellow sticky note
on your monitor. Sure, this is nice to have in case you forget
your password. However, it also can provide easy access to your
computer for thieves.
8. DO NOT provide your password over e-mail even if a
trusted company or individual requests it. Internet "phishing" scams might use fraudulent
e-mail to entice you into revealing your user names and
passwords so criminals can access your accounts, steal your
identity, and more. E-mail security will be discussed in a
future article.
9. DO NOT use the same password for multiple accounts. If
someone gets one password, they could gain access to many of
your accounts.
10. DO NOT enable the Save Password Option. You may see a
dialog box which asks you if you want the computer to remember
the password you just entered. In this case, your best bet is to
choose NO. If you select YES, anyone who uses your
computer could also use your pre-saved passwords on these
accounts.
Ok. Now we know a little about what we should avoid. Let's
learn a little about what is involved in making a good password:
Proven Methods of Great Password Creation
- Follow these tips and you will be well on your way to
creating a safe, secure password:
1. DO make your password at least 8 characters long. This
would apply to your PC on your desk and any Online account that
you have that requires a password. A password of this length and
containing a mix of upper and lowercase letters (more on this in
the next step)will take about 2 years to crack.
2. DO choose a phrase or combination of words to make the
password easier to remember. For example, take a phrase that you
can remember. Let's use "Where Oh Where Has My Little Dog
Gone." Now, take the first letter of each word in that
phrase and you come up with: WOWHMLDG. Now, mix in
some lowercase letters and you get: wOWhmLdG. For
even more security, add some punctuation to the mix:
wOW^hm%LdG. That is a very strong password and yet
it is fairly easy for the owner to remember.
3. DO change passwords regularly. Ideally, every few
months you should create new, strong passwords for all of your
accounts. This can help keep hackers off balance if they're
monitoring a Web site that you visit frequently.
- Changing your password for your Online accounts
Web sites have a variety of policies that govern how you can
access your account and change your password. Look for a link
(such as "your account") somewhere on the site's home page that
goes to a special area of the site that allows password and
account management.
- Changing the password for your office computer
You can usually find information about how to create, modify,
and access password-protected user accounts, as well as how to
require password protection upon startup of your computer in the
Help files of your operating system, or online at the operating
system software manufacturer's Web site. For example, if you use
Microsoft Windows XP, online help can show you how to manage passwords, change passwords, and more. Mac users can go here for more information.
I am sure that some of you may think that the suggestions
mentioned in this article might be a little extreme. However,
stop and consider this: In the time it took you to read this
article, 53 people in the United States became victims of
identity theft. Many of them because they were careless with
their sensitive data. A secure password is the first step in
making yourself safe online and in the office.
Next in our series, we will discuss "How to be Safe
While Using Email." Be on the lookout for that article.
About the author:
Crystal Coast Technologies is a web design team headquartered in
Swansboro North Carolina. We specialize in Flash web design and
database driven e-commerce. Our blog contains more tips and the
latest tech news, including security alerts.
No comments:
Post a Comment