Stop Hackers: #1 Write Down Passwords
Strong Passwords Could've Rid the Anguish for One Cyber Victim
• 10,000 of the most common passwords access 98 percent of all accounts
• 10% use password, 123456 or 12345678
– Mark Burnett, a computer security consultant specializing in passwords
Hack! Hack! Hack! Sounds like someone has a smoker’s cough. Actually it’s the endless stream of computer hacking or break-ins that’s adversely affecting the country’s economy and the confidence of millions of computer users.
The recent attacks no longer are restricted by geographical boundaries. In addition to the U.S., many of the hackers operate out of China and Eastern Europe (Romania, Bulgaria and Russia). “China accounted for 41 percent of the world's computer-attacks in the fourth quarter of last year,” reports Bloomberg News. That’s a 33 percent increase from the previous quarter. Second on the list is the U.S., home of 10 percent of the world’s hackers.
Computer security experts anticipate cyber attacks of various sorts will continue to increase.
Unlike a 1930 robber seeking cash in a bank’s safe, today’s cyber criminals don’t manipulate dials on bank vaults. The crooks from both eras have the knowledge and talent to break into secure storage areas. Modern criminals are experts in electronically unlocking computer systems and web servers. The treasure today’s thieves are after is sensitive personal data, which they use to steal money.
Victims of these hackers include politicians, celebrities, banks, and a variety of websites (including Yahoo Mail, LinkedIn, WordPress, PayPal, MasterCard and Visa). Even computer pioneer Bill Gates was a victim of cyber crime.
It seems that some hackers aren’t after sensitive data. They enjoy the “sport” of messing with computer systems and the public. Case in point is the April 2013 hacking of the AP’s Twitter account. The crooks’ bogus tweet reporting explosions in the White House and an injured president sent the stock market reeling. The Dow instantly plunged 150 points and some investors lost money. In minutes, a corrected tweet was sent and the market rebounded.
Defense Against Hackers
Your best defense against one of these attacks is the complexity of the passwords you use to protect your personal information on your various online accounts. That is, until someone develops a better computer security system (such as biometrics).
Today's cyber crook utilizes sophisticated password-cracking software running on a high-powered computer or a network of regular computers. Consulting company Deloitte reports a hoodlum with this set-up “can crack a simple eight-character password in 5½ hours.” Most of our passwords are defenseless against these so-called brute force attacks, in which every possible permutation-combination is systematically tried until the right one is found.
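To put numbers on the brute-force claim, here is an added example (not from the original article) that estimates how long it takes to try every candidate for a given password. It assumes the quoted 5½-hour figure means exhausting all eight-letter lowercase strings, which implies roughly 10.5 million guesses per second; that rate, the tiny common-password sample and the function names are assumptions for illustration.

```python
import string

# Constructed sample; a real check would load a full common-password list.
COMMON = {"password", "123456", "12345678"}

# Assumption: the rate implied if "a simple eight-character password in
# 5.5 hours" means trying every 8-letter lowercase string.
ASSUMED_RATE = 26 ** 8 / (5.5 * 3600)  # about 10.5 million guesses/second

CLASSES = (string.ascii_lowercase, string.ascii_uppercase,
           string.digits, string.punctuation)


def alphabet_size(pw):
    """Symbols an attacker must cover, based on the character classes used."""
    size = sum(len(c) for c in CLASSES if any(ch in c for ch in pw))
    # Characters outside the four classes: count each distinct one (lower bound).
    size += len({ch for ch in pw if not any(ch in c for c in CLASSES)})
    return size


def keyspace(pw):
    """Number of candidates of this length over that alphabet."""
    return alphabet_size(pw) ** len(pw)


def hours_to_exhaust(pw, rate=ASSUMED_RATE):
    """Worst-case hours for pure brute force; the average case is half.

    Passwords on a common list fall to the first guesses, so they score 0.
    Dictionary words in general fall far sooner than this estimate.
    """
    if pw.lower() in COMMON:
        return 0.0
    return keyspace(pw) / rate / 3600


def report(passwords):
    """Return (password, alphabet, hours) rows for side-by-side comparison."""
    return [(p, alphabet_size(p), hours_to_exhaust(p)) for p in passwords]


if __name__ == "__main__":
    samples = ["12345678", "qwertzui", "Xk4$Xk4$", "correcthorse"]
    for pw, alpha, hours in report(samples):
        print(f"{pw:<14} alphabet={alpha:<3} worst case={hours:,.1f} h")
```

At the same guess rate, the twelve-letter lowercase sample takes longer to exhaust than the eight-character sample that mixes all four character classes: added length grows the search space faster than added symbol types.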
Writing Down Your Passwords: A Necessary Crutch that Allows You to Create Hack-Proof Passwords
Write Down Your Passwords
There are a few important rules you need to follow when you create your password. (We'll examine them in Part 2.) The primary rule is one that should be revised in the minds of all computer users. All the other rules will be unsuccessful if we don't comply with this new Rule #1.
Most of us follow the mantra we hear at work: “Don’t write your passwords down.” Hackers love that password philosophy.
We are aware of the limitations of our memory. Since our gray matter can’t retain that much, we select simple (easily hacked) passwords and/or use the same password on various accounts.
"People are so inundated with bad security advice from everywhere and everyone that users actually think it is better to use the same password everywhere than to write down their passwords."
– Jesper M. Johansson, Microsoft Security Manager
Don’t be afraid to write down your passwords and store the slip of paper in a safe place, such as your wallet. Your business tells you not to write down your passwords. It’s their computer equipment, so you need to follow their policy for protecting their passwords. However, when it involves your computer, your smartphone and your web accounts – you set the rules. Go ahead, write down your passwords!
Many computer security experts say that slip of paper listing your passwords may fall into the wrong hands. But I S-T-R-O-N-G-L-Y take exception to that rule!
How can you remember ten complex passwords, then change ‘em and remember them all over again? The answer is: You can’t! That’s why so many people use weak passwords.
After my daughter’s email was hacked I was motivated to search for solutions for her and ultimately for you and me. For about a month, I spent a major portion of my PC time surfing the web using the search terms: “security” and “hacked.”
I knew I'd struck gold when I came across various stories about and articles by Jesper M. Johansson, then Microsoft's Security Manager.
Admitting IT security experts have been giving out the wrong advice for 20 years, Johansson espoused a new – still controversial – password philosophy. He shared his theory with hundreds at a national computer conference in Australia. “I have 68 different passwords,” Johansson told the group. “If I am not allowed to write any of them down, guess what I am going to do? I am going to use the same password on every one of them.”
It all makes so much sense!
Without being able to rely on this sanity preserver or necessary crutch:
- You'll continue to use the same password on multiple accounts.
- You’ll stick to simple passwords that are easy to decipher.
- You won’t create passwords that are complex enough to stop the hackers and difficult for you to remember.
Johansson expounded on his point in a 2008 article in TechNet, Microsoft’s online magazine. This architect of Microsoft's security contends that simple passwords are a “very weak form of security. Yet… you can generate strong passwords and write them down – there really is nothing wrong with that,” Johansson explains. “However, people are so inundated with bad security advice from everywhere and everyone that users actually think it is better to use the same password everywhere than to write down their passwords."
A similar point was made in a post on computer security firm Beryllium Sphere’s website. “A password you can remember is a weak password,” asserts an anonymous Beryllium poster. “The bad guys have password-guessing programs that know every word in the dictionary. These programs can try millions of passwords in a second.” Normal people can't memorize a complex password – one that will stand up to cyber attack, he says.
“If you're not trying to remember a password then you're free to change it frequently, which also makes things more secure,” the computer security expert concludes.