Monday, May 25, 2009

Creating Passwords That Work


Computer Care: Complicated passwords will keep you safe

By Arthur Glazer
arthur@glazerthepctech.com
POSTED April 10, 2009 9:52 p.m.

The easiest forms of passwords are your children’s names, perhaps your pets, your address or birthday. But guess what? They are the most common ones and hackers know that. They will try those first. With just a little research your password is broken and your security is gone. Fluffy1? I don’t think so.

So what is a good password? I’m glad you asked.

First, don’t use a universal password. If a hacker guesses one, he gets them all. Use different passwords for different things.

Next, change them on a routine basis. Keep the hackers guessing. If you can’t remember them, use a password manager, but we’ll get into that in a moment. But by no means should you have sticky notes framing your monitor with your secret names on them. It’s like writing your PIN on the back of your debit card.

Change the temporary password that you’re given by your ISP, bank or router software. Don’t keep 0000, Admin or password as your password. It’s just not a good idea. Sure, it’s easy, but you know someone other than you already knows it.

Last, but equally as important, use at least eight characters (some say 10-14) and mix them up. By that I mean use upper and lower case letters, as well as numbers and symbols. It makes hacking that much harder. The password RenruT*63 is infinitely better than mykitty or fluffy1, and gives your computer a considerable defense.

RenruT, you ask? This is what I like to do. Use acronyms that make sense and spell things backwards. Then, top them off with numbers and symbols. If your name is Turner and the last two digits of your address or birth year is 63, you could safely (until now) use RenruT*63. It’s strong and easy to remember.

How about Wolfe? It becomes Eflow or efloW and spiced up could be EfloW#87, a strong password. Of course, the longer the word is, the stronger the security.

Alternatively, you could make up sentences and remember the abbreviations. Try something like, MdLiaAS11#, which for me translates to: My dog Lola is an Australian Shepherd, eleven years old. It’s a 10-character password using upper and lower case letters with numbers and symbols.

Mbhind2#5911 could be, "My brown house is next door to number 5911." Whatever works for you. Be creative. Make it something you can recall, but mix it up. No password is totally secure, but some are obviously better than others.

For those who have trouble remembering, there are password managers. You could let it do all the work for you and to make it secure, have the manager itself be password-protected. This way you would have only one word to remember.

Go to www.roboform.com and check out their product. I’ve mentioned this one before; it’s a good one. Roboform is a password manager that also fills in forms for you. When you get to a web page that requires a secure login, it jumps into action by signing you in. Should there be a form to fill out, it will type your name and address as required. How cool is that?

The free version is good for 10 different web sites, with no time limit. For more than that you’ll have to purchase it. The paid version ($30) is for an unlimited number of sites. You could also have it generate random passwords for you, and then have it remember them.

There are others on the market, some included in utility suites. Go to www.download.com and initiate a keyword search for "password manager."

Having a strong password plays such an important role in computing, now more than ever. There are people out there whose job it is to get your personal information. If they don’t use it for themselves, other people pay them for that information.

Your bank or ISP will never call or e-mail you and ask for your password. If it does happen, it’s a scam. Tell them nothing. If you aren’t careful, your bank account could be cleaned out before you even realize it. Not only would you lose your money, but the bad guys will probably never get caught.

It’s not just your bank account either. If someone hacks your eBay account and bids on something under your name, you bought it if they are the high bidder.

Think of all the passwords you have. They are all protecting something.

Even an online forum that you joined could be suspect. Someone disguised as you could leave a comment that could damage your reputation or that of someone else.

There’s no end to the damage that could be wrought. All it takes to prevent it is a clever eight digit code.

So remember, Jusp2bso! (Just use strong passwords to be secure online!)

Arthur Glazer is a freelance writer and computer technician whose column appears biweekly and on gainesvilletimes.com.



No comments:

Post a Comment

Got a Comment - or a quick question...