Developing Solid Password Practices for the 21st Century
- Written On 04.11.2013
- In Category Tech&Dev
- 152 Views
Long past are the days where a solid firewall and a decent security suite can keep our computers safe. For example, a 2008 study showed that Facebook is hacked up to a half million times daily and that is only one mere website. Multiply that kind of pattern across every social network, community site, gaming server and app store and you’ll begin to see; there are a lot of people out there who want to gain access to your personal computer. In fact, chances border around the 60-70% range that your personal or corporate information has already found its way into the database of a hacker.
All is not lost, however, because of the way cyber-crime actually works. Criminals often copy entire databases of usernames and passwords, then that information is then sold for pennies on the dollar to the highest bidder. By the time information changes hands two or three times and it is processed to see if any valuable information was taken, months (or sometimes even years) can pass by. Since criminals want to do everything possible to keep you from suspecting a security breach, you normally have ample time to adjust to better password practices before it’s too late.
Expect Attacks on your Network
Then again, maybe you’re thinking, “Who cares if someone hacks into my Twitter account? That has nothing to do with my business or any real information about my life.” Let me ask you this though; is your password for Twitter the same password you use on your banking site? In the apps store? Maybe your personal login at work too? Believe it or not, close to 86% of the world’s population uses only one standard password for all of their online activities. That means if a hacker can get you to sign up for a completely legitimate offer like a free iTunes download or a magazine subscription, then they have close to a 90% chance of being able to access more important elements of your online life with the exact same information.
The moral to this story is that it’s never too late to change your password habits and secure your online accounts. Even if your most common login information is currently in the wrong hands, it can be changed to protect your most sensitive access points. The next section will offer up a number of tips for doing just that.
Adopt Safe Practices & Techniques
The one constant that cyber-criminals count on is our laziness because nobody wants to remember hundreds of passwords for hundreds of different websites. If what you’ve read so far isn’t enough to scare you into good habits, then we highly recommend downloading a program like RoboForm or LastPass to remember your various passwords securely. Another benefit of these types of free software programs is that they can generate very complex passwords and remember them on your behalf forever.
Here are a few more important password tips:
- Never use a word (or two words combined) as a password. Instead, use a mixture of letters, numbers, and symbols.
- Likewise, use a healthy mix of uppercase and lowercase letters with the above tip as well. “PaS$w0Rd” is much more of a secure choice than “password.” Both are poor choices though since the #1 password in the world is, you guessed it, “password” or “drowssap” (password spelled backwards).
- Do not ever use part of your username as a password.
- Also, never use your SSN, birthdays, phone numbers or addresses within a password; they are much too easy to guess.
- Have a specific, dedicated password for each of your banking accounts, credit cards, online bills, and any other website that deals with your personal (or business) information. The more unique passwords you have, the safer you are overall.
- Always aim to make new passwords as long as possible, preferably 8 or more characters. While any password can be cracked if given enough time, a six letter/number/symbol password may take hours where one with twelve characters could take weeks.
Consistency is your Only Protection
The final piece of the puzzle when it comes to passwords is that even if you have a password manager spitting out virtually unhackable combinations like, “iKuBH%VJ2*kmR1sY,” there is still a chance for your account to become vulnerable through no fault of your own. That’s why it’s essential to change your login information on important portals at least a few times per year to remain as safe as possible. For more tips on good password habits or to request a comprehensive look at your IT department’s online safety, feel free to give us a call or use our online contact form.