Psssst – What’s the Password?

No doubt about it, the Internet has taken on a major role in our modern culture and our daily lives.  One of the downsides of living an online existence is the need to use – and remember – a number of passwords.

If you work in a business where you use networked computer systems, you know what I’m talking about.  Various surveys have shown that the average corporate network user has to remember anywhere from five to 15 passwords!

That number doesn’t include all the userids & passwords for your personal use such as online banking, credit card accounts, airline frequent flyer clubs, hotel or other travel club memberships, business or trade group member sites, online shopping sites, insurance or investment sites, personal webmail, blogs, online forums, gaming sites, … YIKES!  How do you keep it all straight?

We don’ need no steenking Online Security …

One way some people deal with this jumble of userids and passwords is to simply use a familiar word for all their passwords like the name of their spouse, child, or pet, or maybe their birthdate, house or apartment number, etc.  A recent survey showed that the most commonly used password is … “password”!

Unfortunately, this is almost as bad as no security at all, and is just what a hacker is expecting. They can download ready-made “dictionary attack” lists full of the most common names and number combinations used as passwords, then set up an automated script to try them out and see which ones work. It usually takes just a few minutes to guess such easy passwords.

Some Password Advice

So how do you create a secure password? Here are some basic dos and don’ts:

1) DON’T leave your passwords on a sticky note pasted to your monitor or in your top drawer – 60% of all security breaches are done by insiders (co-workers, friends, or family members), not outside hackers!

2) DON’T use current telephone numbers, social security numbers, or the names of family members or pets – it’s pretty easy to go online and find out all kinds of information about you, including your birthdate, your family members, your home address, your phone number, and so on.  And that adorable picture of your cocker spaniel, Molly, on your Facebook page is a clue to your potential password as well!

3) DON’T use the same password for everything – some userids and passwords would have minimal impact if someone else learns them (like for accessing a blog or forum), while others hold the key to your financial well-being.  Use a different password for those high-impact security areas.

4) DO use acronyms – a password that is a jumble of letters or numbers is hard to guess but also hard to remember, so try building one from a phrase that you can remember, like “Steelers Fans Are The Greatest” or “I Like Rolling Rock Beer.” Turn this into an acronym and it becomes “SFATG” or “ILRRB” – nonsensical words to anyone who doesn’t know what they stand for, and hard to crack via a “dictionary attack.”

5) DO add numbers or other non-alphabetic characters to your passwords – this makes them even harder to guess. For example, if the home where you grew up (not where you live now) was located at 227 Maple St., you could add the numbers 227 to your acronym letters and come up with a password like this: ILRRB227 – a password that you could remember but would be very hard to guess or crack, even with specialized “cracker” software!

6) DO change your passwords on a regular basis – preferably 3 to 4 times a year, especially for logins that grant access to your personal information or bank accounts.  Some sites that provide access to highly sensitive information may require you to do this anyhow.  If you’re using my “acronym + numbers” recommendation, at least switch the sequence of letters or numbers around so the numbers are first instead of last.  Or you could change the numeric part of the password to another easily remembered number: perhaps the 3-digit area code or exchange of your old home phone number, the route number of the highway that you used to drive to work, the last two digits of your spouse’s or parent’s birth year, etc.

Hopefully these suggestions will help you secure your online account access while not making remembering your passwords a part-time job!
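
An added example (not from the original post): a small Python check that applies tips 2 through 5 above to a candidate password. The word list, personal details, existing password and function names are all constructed for illustration.

```python
# Added example: audits a candidate password against the post's DON'Ts.
# Every name, list and value here is constructed for illustration.
import re

# Tiny constructed stand-in for a "dictionary attack" word list.
COMMON = {"password", "123456", "qwerty", "letmein", "abc123"}

def acronym_password(phrase, number):
    """Tips 4 and 5: first letter of each word, then a remembered number."""
    return "".join(word[0].upper() for word in phrase.split()) + str(number)

def _norm(text):
    """Lowercase and keep only letters and digits so '555-0142' == '5550142'."""
    return re.sub(r"[^a-z0-9]", "", text.lower())

def audit(password, personal_facts, other_passwords):
    """Return the rules the password breaks; an empty list means none."""
    findings = []
    lowered = password.lower()
    # Common word, even with digits tacked on the end ("password1").
    if lowered in COMMON or lowered.rstrip("0123456789") in COMMON:
        findings.append("dictionary")
    # Tip 2: contains a name, phone number, address, etc. (3+ characters).
    flat = _norm(password)
    if any(len(_norm(f)) >= 3 and _norm(f) in flat for f in personal_facts):
        findings.append("personal")
    # Tip 3: same password already used for another account.
    if password in other_passwords:
        findings.append("reused")
    # Tip 5: no digits or other non-alphabetic characters.
    if password.isalpha():
        findings.append("letters-only")
    return findings

if __name__ == "__main__":
    facts = ["Molly", "555-0142", "1400 Oak Ave"]   # constructed personal details
    in_use = ["Tr4vel!club"]                        # constructed existing password
    candidate = acronym_password("I Like Rolling Rock Beer", 227)
    for pw in (candidate, "password", "Molly2024", "Tr4vel!club"):
        print(pw, audit(pw, facts, in_use) or "no rule broken")
```

An empty result only means none of these four rules was broken; it is not a strength score.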
