For the last installment of this series on computer security, I’d like to focus on passwords. Passwords are absolutely essential to protect your data, whether it is banking information, email accounts, business server, or just pictures of the grandkids. Your information should remain just that – your data. And passwords are your first line of defense.
Hackers have become ubiquitous – one can literally purchase the software necessary to hijack thousands of remote systems online, or simply rent time on zombie systems that have already been controlled. There has never been a better time to be on the wrong side of the digital law. If your passwords stink, then you’re just making it that much easier for the bad guys.
So how do you pick a good password? There are a few simple rules to follow in order of increasing complexity.
Avoid words – especially “monkey” or “password” – these are among the most common passwords. If you can look it up in the dictionary, it’s a bad choice. Wahterbehd would be better than Waterbed.
Use at least three of following four characters: upper case letters, lower case letters, numbers, symbols. W@h+3rbEhd is better than Wahterbehd.
Make it long – the longer the better. Five characters should be the bare minimum for low security stuff like the grandkids’ pictures, while eight characters and higher are absolutely necessary for anything else.
Passwords are too easy – passphrases are the new secure option. A series of words strung together, preferably nonsensical. W@h+3rbEhdsR00l would be a good choice (waterbeds rule).
Another option for passphrases uses just the first letter of a phrase you like. Waterbeds Rule but Tempurpedics Are the Best for a Bad Back. This could become WRb+p@+BfaBB.
Don’t use the same password twice, anywhere.
Change passwords often.
So now that you have your new password methodologies in place, the obvious next question becomes – how in the world can anyone remember all of this? One way is to have a method to the madness. Come up with your own personal password methodology that is tied to the use of the password itself. The banking website password could be tied to the name of the bank, for example, keeping all of the above tips in mind.
Even better is the use of a password manager. There are many available and they range from a simple encrypted list of passwords you can keep on your phone or computer, to password generators that never even record a password anywhere – they simply allow you to recreate your password on demand using encryption methods.
The world of computer security can be a scary place, but with your new tools you stand a better chance of keeping your data and your identity safe. Be sure to check out the web version of the article for more details. See you online!
Scott Bly is the President of IT Freeway, a Santa Monica-based, small business computer consultancy. He teaches seminars at MacMall in Santa Monica and is a member of the Santa Monica Chamber of Commerce Technology Committee. His debut young adult techno-thriller novel “SMASHER” is being published by Scholastic/Blue Sky Press in Spring 2013. You can reach him via email at firstname.lastname@example.org.