- Internet & the Web
Tips For Online Computer Security - Strong Passwords
Online Security With Strong Passwords
The Internet has become an integral part of modern life, and while
there's no such thing as complete online security, there are some simple
precautions we can all take to improve our online computer security and
make ourselves and our data safer.
In the early days of the Internet, the greatest threats in online security were hackers trying to invade business and personal computers for personal satisfaction - a la Matthew Broderick in "War Games". Then came a wave of computer viruses that were intended to do nothing more than cripple the computers they infected. The next phase was a wave of so-called "Denial of Service" attacks, designed for the purpose of blackmailing companies - "Give us money or we will bring down your network". Then came the "phishers" - they use a combination of viruses, social engineering and software to trick individual computer users into divulging personal financial information for the purposes of identity theft and fraudulent banking.
Today, all of these have combined
to form a veritable swamp across the Internet, and if you aren't
careful you might get sucked down into it!
Here is one simple action that you can take to improve your computer data security while you navigate the Internet!
The Need For Strong Passwords
One of the easiest and most effective ways to protect your online information
is to use strong passwords. But that's often easier said than done!
When I think about it, I've probably had user accounts more than 50 different websites over the years - from free email accounts to social networking sites to online banking - and it seems like it would be impossible to create a unique and strong password for everyone of them. And I'll admit that for a long, long time I used the same password for everything I did online. It's almost a miracle that I never experienced a major cyber-exploit!
But then one day a few years ago, I returned from a long weekend away and found that I had a bunch of emails on my Yahoo! email account from folks I hadn't heard from in a long time, and they all had the same subject line. Curious, I opened the first one and saw that it was a reply to an email that I didn't send! A little bit of further investigation revealed that the message had been sent from my Yahoo! account while I was away from home (and my computer). The original message that all those folks had received contained a link to a website containing malware. The note in the body of the message was innocent enough, and it could have easily been mistaken for something that I would have sent to all my contacts.
Luckily, and strangely, the person who cracked my Yahoo! email password didn't use it to do any real damage, but if he had taken even a cursory look through my emails he would have known what bank I use, what my eBay and PayPal account names were, the names of at least two credit card companies where I hold accounts, and who knows what else. And if he had looked into that, he would have found that the passwords to all of those accounts were exactly the same as the password I used for Yahoo!
That was the
wake-up call I needed to come up with a way to make all of my
passwords stronger and keep my accounts more secure online.
But They're So Hard To Remember And Keep Track Of...
The toughest thing about using strong passwords is the very thing that
makes them strong!
Here are some of the key elements of password strength:
- Use both letters and numbers
- Be at least 8 characters long
- Use a mix of upper- and lower-case letters
- No "dictionary" words
- No personal information (birth-dates, phone numbers, etc)
- Unique from other passwords that you use
All of those features combined will certainly make for a strong password that would be hard for someone else to guess, but those exact features also make them hard to remember! And if you're going to write down your passwords, you might as well just use the same one all the time! And having to rely on written passwords means only being able to use them when you're at your desk.
There are ways to safeguard password lists - you could store them in a safe in your home, or in an encrypted file on your computer - and there are also software tools that can remember all of your various passwords for you.
But there's also a simple and effective way to create your own easy-to-remember strong passwords, and it leverages a simple memory trick than anyone can use to increase password strength. If your employer enforces a strong password policy, this tip is for you!
How To Create A Strong Password That's Easy To Remember!
Instead of picking one password and memorizing it for use on multiple websites, all you need to do is think of a sentence that you can memorize and use it to create strong, unique passwords for every website you use!
The sentence should contain numbers, or at least words that can be represented by numbers. If you can manage to squeeze some special characters in there (like #,$,@,&,_,!) then even better!
Here's an example.
Let's say that when I was 12 I got a dog named Lily, and at the time I lived at 423 Johnson Avenue.
If I want to create a password for my Yahoo! account, my sentence could be: "When I was 12 I lived at 423 Johnson Avenue and I got a dog named Lily"
My password from this sentence could be:
Breakdown of the password:
W - When (notice it's capitalized) I - I (also capitalized) w - was 12 - twelve I - I (again in caps) l - lived @ - at 423 - house number JA - Johnson Avenue (in caps) & - and g - got a - a d - dog n - named L - Lily _Y - underscore and Y for Yahoo!
If you memorize this sentence and change the last letter for each
website - "C" for Citibank, "G" for Google, "H" for HubPages, "V" for
Verizon, etc - then you have a virtually un-crackable string of
characters. It meets every rule for a strong password, and it is
unlikely that anyone could guess the pattern even if you did write down
If you can't always use special characters like underscore and ampersand like the example above, or want a shorter sentence, you could try something like "My first car was a 1983 Honda Accord", giving the Yahoo! password "M1cwa83HAY" or "M1cwa83HAG" for a Google password.
Some other number/letter substitution ideas:
E = 3
Z = 2
A = 4
P = 9
O = 0
I = 1
S = 5
B = 8
G = 6
Most websites require a password to be at least 8 characters long, and some don't allow for more than 20 characters, so a sentence with 7 words will allow you to customize the password to each site. The key to a strong password is to make each password as unique as possible for each site!
Use your imagination and try and mix in those numbers and special characters. You can add the site specific letter at the beginning or somewhere in the middle, instead of at the end. You could also use # or $ or something else instead of _.
The sentence you use can be about anything, so long as it's one that you can remember!
How To Create A Strong Password
Take Action Now!
Computer data security is no joke!
If you do nothing else, at least take a few minutes to come up with a
sentence and use it to change the passwords for your online banking and
email accounts. Remember that any site that stores your credit card
number, like Amazon or eBay or PayPal, is also vulnerable to theft if anyone
decides to exploit a weak password...