ArtsAutosBooksBusinessEducationEntertainmentFamilyFashionFoodGamesGenderHealthHolidaysHomeHubPagesPersonal FinancePetsPoliticsReligionSportsTechnologyTravel

Stop Hackers: #1 Write Down Passwords

Updated on June 9, 2013

Strong Passwords Could've Rid the Anguish for One Cyber Victim

Source

•10,000 of the most common passwords access 98 percent of all accounts

•10% use password, 123456 or 12345678

Mark Burnett, a computer security consultant specializing in passwords

Hack! Hack! Hack! Sounds like someone has a smoker’s cough. Actually it’s the endless stream of computer hacking or break-ins that’s adversely affecting the country’s economy and the confidence of millions of computer users.

The recent attacks no longer are restricted by geographical boundaries. In addition to the U.S., many of the hackers operate out of China and Eastern Europe (Romania, Bulgaria and Russia). “China accounted for 41 percent of the world's computer-attacks in the fourth quarter of last year,” reports Bloomberg News. That’s a 33 percent increase from the previous quarter. Second on the list is the U.S., home of 10 percent of the world’s hackers.

Computer security experts anticipate cyber attacks of various sorts will continue to increase.

Unlike a 1930 robber seeking cash in a bank’s safe, today’s cyber criminals don’t manipulate dials on bank vaults. The crooks from both eras have the knowledge and talent to break-in to secure storage areas. Modern criminals are experts in electronically unlocking computer systems and web servers. The treasure today’s thieves are after is sensitive personal data, which they use to steal money.

Victims of these hackers include politicians, celebrities, banks, and a variety of websites (including Yahoo Mail, LinkedIn, WordPress, PayPal, MasterCard and Visa). Even computer pioneer Bill Gates was a victim of cyber crime.

It seems that some hackers aren’t after sensitive data. They enjoy the “sport” of messing with computer systems and the public. Case in point is the April 2013 hacking of the AP’s twitter account. The crooks’ bogus tweet reporting explosions in White House and an injured president sent the stock market reeling. The Dow instantly plunged 150 points and some investors lost money. In minutes, a corrected Tweet was sent and the market rebounded.

Defense Against Hackers

Your best defense against one of these attacks is the complexity of the passwords you use to protect your personnel information on your various online accounts. That is until someone develops a better computer security system (such as biometrics).

Today's cyber crook utilizes sophisticated password-cracking software running on a high-powered computer or a network of regular computers. Consulting company Deloitte reports a hoodlum with this set-up “can crack a simple eight-character password in 5½ hours.” Most of our passwords are defenseless to these so-called brute force attacks, when every possible permutation-combination is systematically tried until the right one is found.

Writing Down Your Passwords: A Necessary Crutch that Allows You to Create Hack-Proof Passwords

Source

Write Down Your Passwords

There are few important rules you need to follow when you create your password. (We'll examine them in Part 2.) The primary rule is one that should be revised in the mind's of all computer users. All the other rules are will be unsuccessful if we don't comply with this new Rule #1.

Most of us follow the mantra we hear at work: “Don’t write your passwords down.”Hackers love that password philosophy.

We are aware of he limitations of our memory. Since our gray matter can’t retain that much, we select simple (easily hacked) passwords and/or use the same password on various accounts.


"People are so inundated with bad security advice from everywhere and everyone that users actually think it is better to use the same password everywhere than to write down their passwords."

– Jesper M. Johansson, Microsoft Security Manager

Don’t be afraid to write down your passwords and store the slip of paper in a safe place, such as your wallet. Your business tells you not to write down your passwords. It’s their computer equipment, so you need to follow their policy for protecting their passwords. However, when it involves your computer, your smartphone and your web accounts – you set the rules. Go ahead, write down your passwords!

Many computer security experts say that slip of paper listing your passwords may fall into the wrong hands. But I S-T-R-O-N-G-L-Y take exception to that rule!

How can you remember ten complex passwords, then change ‘em and remember them all over again? The answer is: You can’t! That’s why so many people use weak passwords.

After my daughter’s email was hacked I was motivated to search for solutions for her and ultimately for you and me. For about a month, I spent a major portion of my PC time surfing the web using the search terms: “security” and “hacked.”

I knew I'd struck gold when I came across various stories about and articles by Jesper M. Johansson, then Microsoft's Security Manager.

Admitting IT security experts have been giving out the wrong advice for 20 years, Johansson espoused a new – still controversial – password philosophy. He shared his theory with hundreds at a national computer conference in Australia. “I have 68 different passwords,” Johansson told the group. “If I am not allowed to write any of them down, guess what I am going to do? I am going to use the same password on every one of them.”

It all makes so much sense!

Without being able to rely on this sanity preserver or necessary crutch:

  • You'll continue to use the same password on multiple accounts.
  • You’ll stick to simple passwords that are easy to decipher.
  • You won’t create passwords that are complex enough to stop the hackers and difficult for you to remember.

A humorous look at passwords

Johansson expounded on his point in a 2008 article in TechNet, Microsoft’s online magazine. This architect of Microsoft's security contends that simple passwords are a “very weak form of security. Yet… you can generate strong passwords and write them down – there really is nothing wrong with that,” Johansson explains. “However, people are so inundated with bad security advice from everywhere and everyone that users actually think it is better to use the same password everywhere than to write down their passwords."

A similar point was made in a post on computer security firm Beryllium Sphere’s website, “A password you can remember is a weak password,” asserts an anonymous Beryllium poster. “The bad guys have password-guessing programs that know every word in the dictionary. These programs can try millions of passwords in a second.” Normal people can't memorize a complex password – one that will stand up to cyber attack, he says.

“If you're not trying to remember a password then you're free to change it frequently, which also makes things more secure,” the computer security expert concludes.

Source

Looking for More Info?

If you want to read more about this topic, I recommend: Too Many Passwords or Not Enough Brain Power? on PCWorld.com and an article on CNET.com about Microsoft’s Johansson Urging Folks to Jot Down Passwords –TDowling

Comments

    0 of 8192 characters used
    Post Comment

    • TDowling profile imageAUTHOR

      Thomas Dowling 

      5 years ago from Florida

      Thanks Lucy "Starbright" Jones. I hope you had a chance to see the Don Friesen video (above). It's very funny because we've all been there.

    • starbright profile image

      Lucy Jones 

      5 years ago from Scandinavia

      Good hub with sound advice. There are millions being hacked as we speak. Experienced it myself last year - pity the hackers don't have something better to do. Thanks for sharing. Voted up.

    working

    This website uses cookies

    As a user in the EEA, your approval is needed on a few things. To provide a better website experience, hubpages.com uses cookies (and other similar technologies) and may collect, process, and share personal data. Please choose which areas of our service you consent to our doing so.

    For more information on managing or withdrawing consents and how we handle data, visit our Privacy Policy at: https://hubpages.com/privacy-policy#gdpr

    Show Details
    Necessary
    HubPages Device IDThis is used to identify particular browsers or devices when the access the service, and is used for security reasons.
    LoginThis is necessary to sign in to the HubPages Service.
    Google RecaptchaThis is used to prevent bots and spam. (Privacy Policy)
    AkismetThis is used to detect comment spam. (Privacy Policy)
    HubPages Google AnalyticsThis is used to provide data on traffic to our website, all personally identifyable data is anonymized. (Privacy Policy)
    HubPages Traffic PixelThis is used to collect data on traffic to articles and other pages on our site. Unless you are signed in to a HubPages account, all personally identifiable information is anonymized.
    Amazon Web ServicesThis is a cloud services platform that we used to host our service. (Privacy Policy)
    CloudflareThis is a cloud CDN service that we use to efficiently deliver files required for our service to operate such as javascript, cascading style sheets, images, and videos. (Privacy Policy)
    Google Hosted LibrariesJavascript software libraries such as jQuery are loaded at endpoints on the googleapis.com or gstatic.com domains, for performance and efficiency reasons. (Privacy Policy)
    Features
    Google Custom SearchThis is feature allows you to search the site. (Privacy Policy)
    Google MapsSome articles have Google Maps embedded in them. (Privacy Policy)
    Google ChartsThis is used to display charts and graphs on articles and the author center. (Privacy Policy)
    Google AdSense Host APIThis service allows you to sign up for or associate a Google AdSense account with HubPages, so that you can earn money from ads on your articles. No data is shared unless you engage with this feature. (Privacy Policy)
    Google YouTubeSome articles have YouTube videos embedded in them. (Privacy Policy)
    VimeoSome articles have Vimeo videos embedded in them. (Privacy Policy)
    PaypalThis is used for a registered author who enrolls in the HubPages Earnings program and requests to be paid via PayPal. No data is shared with Paypal unless you engage with this feature. (Privacy Policy)
    Facebook LoginYou can use this to streamline signing up for, or signing in to your Hubpages account. No data is shared with Facebook unless you engage with this feature. (Privacy Policy)
    MavenThis supports the Maven widget and search functionality. (Privacy Policy)
    Marketing
    Google AdSenseThis is an ad network. (Privacy Policy)
    Google DoubleClickGoogle provides ad serving technology and runs an ad network. (Privacy Policy)
    Index ExchangeThis is an ad network. (Privacy Policy)
    SovrnThis is an ad network. (Privacy Policy)
    Facebook AdsThis is an ad network. (Privacy Policy)
    Amazon Unified Ad MarketplaceThis is an ad network. (Privacy Policy)
    AppNexusThis is an ad network. (Privacy Policy)
    OpenxThis is an ad network. (Privacy Policy)
    Rubicon ProjectThis is an ad network. (Privacy Policy)
    TripleLiftThis is an ad network. (Privacy Policy)
    Say MediaWe partner with Say Media to deliver ad campaigns on our sites. (Privacy Policy)
    Remarketing PixelsWe may use remarketing pixels from advertising networks such as Google AdWords, Bing Ads, and Facebook in order to advertise the HubPages Service to people that have visited our sites.
    Conversion Tracking PixelsWe may use conversion tracking pixels from advertising networks such as Google AdWords, Bing Ads, and Facebook in order to identify when an advertisement has successfully resulted in the desired action, such as signing up for the HubPages Service or publishing an article on the HubPages Service.
    Statistics
    Author Google AnalyticsThis is used to provide traffic data and reports to the authors of articles on the HubPages Service. (Privacy Policy)
    ComscoreComScore is a media measurement and analytics company providing marketing data and analytics to enterprises, media and advertising agencies, and publishers. Non-consent will result in ComScore only processing obfuscated personal data. (Privacy Policy)
    Amazon Tracking PixelSome articles display amazon products as part of the Amazon Affiliate program, this pixel provides traffic statistics for those products (Privacy Policy)