ArtsAutosBooksBusinessEducationEntertainmentFamilyFashionFoodGamesGenderHealthHolidaysHomeHubPagesPersonal FinancePetsPoliticsReligionSportsTechnologyTravel

Stop Hackers: Use Good Password Policy

Updated on August 7, 2014

Simple passwords are like old, rusty locks trying to withstand attack from today's technologically advanced cyber criminals

By Bala (Bala Sivakumar) CC BY-SA 2.0 via Flickr.com
By Bala (Bala Sivakumar) CC BY-SA 2.0 via Flickr.com

You Make it Easy for Hackers if You Use the Same Password

Source

Your password is an electronic combination lock you employ to keep your sensitive data out of the hands of hackers.Too many computer users disregard the importance of their password. They don't give it a second thought, They act like it's a reliable old lock that won't faultier, even though cyber crooks could attack it using sophisticated password-cracking software.

To prevent being hacked, computer security experts say you need to follow a few Password Rules:

  • WRITE DOWN YOUR PASSWORDS – This violation of an old "Techie Rule" is essential to combat today's Internet criminals.
  • Use Different Passwords – The typical person frequents about two dozen websites; they each need their own individualized password.
  • Don't Use Simple Passwords – that contain names or sequential numbers
  • Create Complex Passwords – that contain random numbers and symbols
  • Test Your Passwords – using a great website
  • Change Your Passwords Quarterly

Make these rules your password policy and you should avoid being a victim of a cyber attack. Hackers will find it takes too much time to crack your password and move on to someone else. (To avoid crossing paths with cyber criminals you'll need to also follow a few rules concerning how you handle certain email and some Internet operations.)

► Write Down Your Passwords:

Writing down your passwords is a necessary crutch that allows you to create hack-proof passwords. This essential deviation in previous password philosophy is explained in detail in Part 1 of this report. The other parts of your computer security system won't work if you rely on your memory.

• 10% use: password, 123456 or 12345678

40% use a pass- word from the top 100 passwords

• 10,000 of the most common passwords access 98% of all accounts


Mark Burnett, an IT security consultant specializing in passwords

► Use a Different Password on Your Various Websites

Don't use the same password on different accounts. If a cyber crook deciphers the password for site A, he’ll try it on site B and C, and quickly hack those accounts too.

The average user has 26 online accounts that require passwords, but uses only five different passwords, a survey by Experian, an information services company.

Another survey (this one by BitDefender, a computer security firm) reveals a startling admission: 75 percent of Facebook users choose the same password for their email! Many computer security experts say Facebook is particularly vulnerable to cyber attacks. So make sure to use a different password there or you won't like the consequences.

►Don't Use Simple (Easily Hacked) Passwords

We have to admit: we’re lazy. When we’re asked to pick a password most of us select simple words or a series of consecutive numbers. That doesn’t result in a very complex or strong password. If your password can be found in the dictionary – it's not a good password. If you select letters as they appear on your keyboard, either horizontally or diagonally (qwerty, qaz or edc), – it's not a strong password. If you use your name, your kid’s name, your birthday or other personal information – it's not a strong password. If it’s less than eight characters long (some experts say 10 or 14 characters) – it's not a strong password.

Top passwords being used on one site:

  1. 123456
  2. 12345
  3. 123456789
  4. Password
  5. iloveyou
  6. princess
  7. qwerty
  8. 1234567
  9. letmein
  10. abc123

The Dallas Morning News reported a hacker posted the passwords for 32 million accounts he found on a social website.

His list provides a window into how unimportant computer security is for most people. Based on what he found, you can conclude the average computer user has no clue how to create strong passwords; the kind that will put up a fight under attack.

The hacker’s posting shows that most people selected a series of sequential numbers or simple words as their passwords.

► Create Complex Passwords: They Look like Cartoon Profanity

Cyber criminals have a variety of tools – from software to robots – they use to crack your password. To defeat them, computer experts urge us to use a complex password – one that includes numbers and symbols (#, $, %, &, *, etc.), plus upper and lowercase letters. The resulting password looks like profanity you’d see in a “speech balloon” over a cartoon character’s head. If you use a symbol in front of every complex password you have a nearly impenetrable password.

By Geralt CC0 via Pixabay.com
By Geralt CC0 via Pixabay.com

A System You Might Use to Create Complex Passwords

No one is going to tell you step-by-step how they created a great password system, because it could get into the wrong hands. With that in mind, let's examine one password creation method techies recommend. It involves song lyrics. You use the first letters of the first eight to ten words in a song. Mix in a few symbols and numbers and you’ve got a strong password.

You’ll need several song lyrics for all of your website passwords. You can turn to the web for help. Wikipedia mostly likely has a list of songs sung by your favorite artist(s). There are several song lyric websites that you can consult for the words of each of your target songs.

Now develop a system of substituting numbers for letters (1 for “I”, 4 for “A”, 8 for “B”, etc.) and you’ve got a strong password system. And don't forget to sprinkle in a few uppercase letters.

Because it's difficult to remember a complex password “people use a variety of tricks to make recalling passwords easier,“ explains a Technology Report issued by Deloitte, an international consulting firm. Deloitte found that most people put uppercase letters at the beginning of the password “and place the numbers at the end of the password, repeating the numbers or putting them in ascending order. These tricks and tendencies combine to make passwords less random and therefore weaker,” the report maintains.

By: GawdOFLOLZ  CC-By-SA via deviantART.com
By: GawdOFLOLZ CC-By-SA via deviantART.com

► Test Your Password; Will it Standup to Hackers?

You’ve gotta try this yourself: The How Secure Is My Password? ► website determines a hacker would “instantly” figure out passwords: “123456” or “letmein.” While (10-character-long) passwords that don't contain words in the dictionary, personal information or sequential numbers, but do use random numbers and uppercase letters would take a desktop computer about 58 years to decipher. Add a symbol in front of that password and the “How Secure” website reports it would require 4,000 years to crack.

(Other websites that check the security strength of your passwords.)

► Change Passwords Quarterly

The techies also say you should change your password at least every four months. After witnessing the “How Secure” demonstration I don’t know how valid that is. But I won’t argue with them, especially when it comes to my online banking, email and social network websites.

► Keep Your Mouth Shut

Don't tell people your password system. I'm not saying you shouldn't tell your friends about this system. You can share this report with them, but don't connect all the dots and reveal your system and definitely don't share your passwords.

By: nightowl CC0 via Pixabay.com
By: nightowl CC0 via Pixabay.com

Looking for More Tips?

If you want to read more detailed information on this subject, I recommend articles by Eric Griffith at PCMag.com and Dennis O’Reilly at CNET.com. And don't forget my additional password articles on this site. TDowling

Comments

    0 of 8192 characters used
    Post Comment

    • TDowling profile imageAUTHOR

      Thomas Dowling 

      5 years ago from Florida

      Thanks for the nice words, WalterPoon.

      I originally majored in art in college, but dropped out when I realized I wasn't as talented as most of my classmates. I found my "art" is writing. The art background has guided me to marry my words with images in publications I've produced. When I found that old rust combination lock on http://search.creativecommons.org it just naturally lead to that metaphor.

      Wish as many people as possible would read these hubs about PC security and take 'em to heart. Glad I had a positive impact on you.

    • WalterPoon profile image

      Poon Poi Ming 

      5 years ago from Malaysia

      "Simple Passwords are Like Old, Rusty Locks Trying to Withstand Attack from Today's Technologically Advanced Cyber Criminals"

      What a metaphor! It's so vivid, it gives me the jitters, after reading your hub!

      I did change some of my passwords because websites like Go Daddy doesn't allow simple passwords anymore but I haven't got around to changing ALL my passwords. Guess I better take your advice seriously. Yes, I did write the more complex passwords down, after I forgot my security questions for HubPages and it was quite a hassle trying to reset the questions.

    • TDowling profile imageAUTHOR

      Thomas Dowling 

      5 years ago from Florida

      Thanks Firoz. I hope you write your passwords down. As I explain in my "#1 Write Down Passwords" hub that antiquated computer rule about not writing down passwords is one of the reason so many people use simple (easily hacked) passwords. I wish more and more people followed this practice.

      The number of computer and smartphone hacking seems to be growing everyday. How can you remember ten or more complex passwords, then change ‘em and remember them all over again? The answer is: You can’t! That’s why so many people use weak passwords.

    • jabelufiroz profile image

      Firoz 

      5 years ago from India

      nice post...i use complex passwords with symbols and numbers, avoiding dictionary words...

      voted up and useful..

    working

    This website uses cookies

    As a user in the EEA, your approval is needed on a few things. To provide a better website experience, hubpages.com uses cookies (and other similar technologies) and may collect, process, and share personal data. Please choose which areas of our service you consent to our doing so.

    For more information on managing or withdrawing consents and how we handle data, visit our Privacy Policy at: https://hubpages.com/privacy-policy#gdpr

    Show Details
    Necessary
    HubPages Device IDThis is used to identify particular browsers or devices when the access the service, and is used for security reasons.
    LoginThis is necessary to sign in to the HubPages Service.
    Google RecaptchaThis is used to prevent bots and spam. (Privacy Policy)
    AkismetThis is used to detect comment spam. (Privacy Policy)
    HubPages Google AnalyticsThis is used to provide data on traffic to our website, all personally identifyable data is anonymized. (Privacy Policy)
    HubPages Traffic PixelThis is used to collect data on traffic to articles and other pages on our site. Unless you are signed in to a HubPages account, all personally identifiable information is anonymized.
    Amazon Web ServicesThis is a cloud services platform that we used to host our service. (Privacy Policy)
    CloudflareThis is a cloud CDN service that we use to efficiently deliver files required for our service to operate such as javascript, cascading style sheets, images, and videos. (Privacy Policy)
    Google Hosted LibrariesJavascript software libraries such as jQuery are loaded at endpoints on the googleapis.com or gstatic.com domains, for performance and efficiency reasons. (Privacy Policy)
    Features
    Google Custom SearchThis is feature allows you to search the site. (Privacy Policy)
    Google MapsSome articles have Google Maps embedded in them. (Privacy Policy)
    Google ChartsThis is used to display charts and graphs on articles and the author center. (Privacy Policy)
    Google AdSense Host APIThis service allows you to sign up for or associate a Google AdSense account with HubPages, so that you can earn money from ads on your articles. No data is shared unless you engage with this feature. (Privacy Policy)
    Google YouTubeSome articles have YouTube videos embedded in them. (Privacy Policy)
    VimeoSome articles have Vimeo videos embedded in them. (Privacy Policy)
    PaypalThis is used for a registered author who enrolls in the HubPages Earnings program and requests to be paid via PayPal. No data is shared with Paypal unless you engage with this feature. (Privacy Policy)
    Facebook LoginYou can use this to streamline signing up for, or signing in to your Hubpages account. No data is shared with Facebook unless you engage with this feature. (Privacy Policy)
    MavenThis supports the Maven widget and search functionality. (Privacy Policy)
    Marketing
    Google AdSenseThis is an ad network. (Privacy Policy)
    Google DoubleClickGoogle provides ad serving technology and runs an ad network. (Privacy Policy)
    Index ExchangeThis is an ad network. (Privacy Policy)
    SovrnThis is an ad network. (Privacy Policy)
    Facebook AdsThis is an ad network. (Privacy Policy)
    Amazon Unified Ad MarketplaceThis is an ad network. (Privacy Policy)
    AppNexusThis is an ad network. (Privacy Policy)
    OpenxThis is an ad network. (Privacy Policy)
    Rubicon ProjectThis is an ad network. (Privacy Policy)
    TripleLiftThis is an ad network. (Privacy Policy)
    Say MediaWe partner with Say Media to deliver ad campaigns on our sites. (Privacy Policy)
    Remarketing PixelsWe may use remarketing pixels from advertising networks such as Google AdWords, Bing Ads, and Facebook in order to advertise the HubPages Service to people that have visited our sites.
    Conversion Tracking PixelsWe may use conversion tracking pixels from advertising networks such as Google AdWords, Bing Ads, and Facebook in order to identify when an advertisement has successfully resulted in the desired action, such as signing up for the HubPages Service or publishing an article on the HubPages Service.
    Statistics
    Author Google AnalyticsThis is used to provide traffic data and reports to the authors of articles on the HubPages Service. (Privacy Policy)
    ComscoreComScore is a media measurement and analytics company providing marketing data and analytics to enterprises, media and advertising agencies, and publishers. Non-consent will result in ComScore only processing obfuscated personal data. (Privacy Policy)
    Amazon Tracking PixelSome articles display amazon products as part of the Amazon Affiliate program, this pixel provides traffic statistics for those products (Privacy Policy)