Passwordboy

Is this what your passwords are doing – offering a lock to your personal data and financial accounts BUT offering the keys to that lock as well?

In the time it took you to read this question and give it some thought, a motivated hacker could discover your passwords if they are considered weak.  And with those passwords, the cyber criminal can access your  personal data and carry out his many nefarious intentions.

So, how much thought do you give to creating strong passwords?

There’s a big chance you don’t give it much thought — that you are more concerned about being able to remember your passwords than you are about the security they provide.

Go ahead– feel embarrassed, but know you are not alone.  Imperva, a California internet security firm, confirmed this about most of us in a 2010 report which stated “when people picked passwords, they generally cared more about being able to remember them than about security.”

Actually a good dose of alarm would be helpful here if you use weak password strategies, because those increase your risk to suffer fraud and identity theft attacks and they leave your most personal and financial data susceptible to basic, brute force password attacks   (An attempt to gain unauthorized access to a computing system by generating and trying all possible passwords – McGraw Hill Dictionary)

That’s the bad news.  The good news is there are strategies you can do right now to increase your security protection.  The following are password guidelines from Microsoft that are basic but good strategies:

Strong Password Guidelines

Good Strategies:
•    Length. Make your passwords long with eight or more characters.
•    Complexity. Include letters, punctuation, symbols, and numbers, upper and lower case. Use the entire keyboard, not just the letters and characters you use or see most often. The greater the variety of characters in your password, the better. Be aware, however, password hacking software automatically checks for common letter-to-symbol conversions, such as changing “and” to “&” or “to” to “2.”
•    Variation. To keep strong passwords effective, change them often. Set an automatic reminder for yourself to change your passwords on your email, banking, and credit card websites about every three months.
•    Variety. Don’t use the same password for everything. Cyber-criminals steal passwords on websites that have very little security, and then they use that same password and user name in more secure environments, such as banking websites.
•    Change Passwords Often.  Changing passwords is commonly recommended.  Monthly would be even better.  Immediately, if you feel you’ve been in a security compromising situation.

Even Better Strategies:
Create complex pass phrases:
•  Start with a sentence or two  —  Example:  Safe Passwords Are Complex
•  Remove the spaces between the words in the sentence  — Example:  SafePasswordsAreComplex
•  Turn words into shorthand or intentionally misspell a word — Example:  SafePasswordsAreComplxe
•  Add length with numbers. Put numbers that are meaningful to you after the sentence. —  Example:      SafePasswordsAreComplxe1950

Common Password Pitfalls to Avoid
•    Dictionary words in any language.
•    Words spelled backwards, common misspellings, and abbreviations.
•    Personal information. Your name, birthday, driver’s license, passport number, pet’s name or similar information.
•    Sequences or repeated characters. Examples: 12345678, 222222, abcdefg, or adjacent letters on your keyboard.

10 Most Common Passwords
The Imperva report cited the following as the 10 most common passwords:
•    123456;  12345;  123456789;  Password;  iloveyou;  princess;  rockyou;  1234567;  12345678;  abc123.

To finish up with a Warning:
“Amichai Shulman, chief technical officer at Imperva, urges people to avoid using these common passwords when using social networking, shopping and online banking sites.  

He states, “Everyone needs to understand what the combination of poor passwords means in today’s world of automated cyber attacks: with only minimal effort, a hacker can gain access to one new account every second – or 17 minutes to break into 1,000 accounts.”  (http://blog.1-to-1.org.uk/2013/04/the-worst-passwords-to-use-online.html)

Don’t let your passwords betray you.
In your passwords, Be Strong and Be Safe…….
To paraphrase Shakespeare, Security is the chief enemy of hackers (who also are mortals).  

 

Advertisements