Ah, passwords, the keys to modern living. It seems you can’t go anywhere or do anything these days without a password. Your workstation needs a password, your gym needs a password, even your trusty buddy the cell phone may need a password. With so many passwords, it’s tempting to make life easy and just have one master key, or password, to simplify things. While this may be easy, it’s definitely not secure, and you endanger every access point where you use that “master key.”
It brings to mind the old castle housekeeper with a gigantic ring of keys to every room in the castle. What a burdensome load to carry. Wouldn’t a master key be easier? Yes, it would, but one stolen key and the whole castle is breached.
You’ve heard it time and again… “Use a Strong Password.” But strong passwords are hard to remember and there’s nothing more frustrating than getting locked out of an account because you’ve typed in the wrong password 5 times. We all know better than to make our password “Password1” (don’t we?), but the issue is much larger and more important than that. We all ‘kind of’ know we need strong passwords. But how strong, and why all the fuss?
Choosing a strong password
– These days certain software will tell you, as you type in a password, how strong it is. It may even give you a red-yellow-green indicator light. This is especially true with software that deals with access to important elements of your business, like your web hosting server. Be sure to come up with the most diverse password you can create. When a web page or software creates a password for you and it looks like “Y6tff%rJ!” do not change it to your son’s first name. Always include numbers, small/capital letters and symbols in your password. Try to make your password at least 8 characters long. If your mom can guess your password, so can a hacker. Avoid names, dictionary words, and passwords like 12345.
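The checklist above can be written as a small red-yellow-green meter. This is an added example, not code from any product the article mentions; the word list is a constructed sample and the colour thresholds are assumptions made for illustration.

```python
import re

# Constructed sample list; a real meter would load a full dictionary and name list.
COMMON_WORDS = {"password", "letmein", "qwerty", "dragon", "michael", "jessica"}
# Undo common character substitutions before the word check ("P@ssw0rd" -> "password").
LEET = str.maketrans("0134578@$!", "oleastbasi")
CLASSES = {"lowercase letter": r"[a-z]", "capital letter": r"[A-Z]",
           "number": r"[0-9]", "symbol": r"[^A-Za-z0-9]"}

def has_sequence(pw, run=4):
    """True if pw holds `run` characters that ascend, descend or repeat (1234, dcba, aaaa)."""
    for i in range(len(pw) - run + 1):
        steps = {ord(pw[j + 1]) - ord(pw[j]) for j in range(i, i + run - 1)}
        if steps in ({1}, {-1}, {0}):
            return True
    return False

def contains_word(pw):
    """True if a listed word or name survives case folding and substitution removal."""
    letters = re.sub(r"[^a-z]", "", pw.lower().translate(LEET))
    return any(word in letters for word in COMMON_WORDS)

def rate(pw):
    """Return (colour, problems); the thresholds are this example's assumption."""
    problems = []
    if len(pw) < 8:
        problems.append("shorter than 8 characters")
    missing = [name for name, pat in CLASSES.items() if not re.search(pat, pw)]
    if missing:
        problems.append("missing " + ", ".join(missing))
    if contains_word(pw):
        problems.append("contains a name or dictionary word")
    if has_sequence(pw):
        problems.append("contains a sequence such as 12345")
    colour = "green" if not problems else "yellow" if len(problems) == 1 else "red"
    return colour, problems

if __name__ == "__main__":
    for candidate in ("Password1", "12345", "michael#2Xq", "Y6tff%rJ!"):
        print(candidate, *rate(candidate))
```

“Password1” passes the length rule yet still rates red because the word check sees through the capital letter and the trailing digit.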
Remembering a strong password
– OK, so how does one go about remembering “P89#r76b?” Simple! Use a password keeper to keep track of your passwords for you. Password keepers allow you access to all of your passwords by knowing just one password. (Aha! There is a master key!) Be sure to make backups of your password keeper so you don’t lose your important information. In an emergency you can choose “Lost Password” on most software and web-based applications.
Protecting your password
– Let’s start with the basics. Never write your password down on a piece of paper. Never save your password in a file called Passwords.docx. If you do need to give your password to a co-worker, friend or computer repairman, be sure to change it soon after they are finished. Never put a label with your password on the bottom of your keyboard. Even the best and brightest can accidentally give up their password. Phishing scams are specifically created to get you to hand over your password. If something seems odd, for example you click a link in Twitter and Twitter asks you to log back in, shut down the window; it could be a scam. If you have had an incident involving your password, change it immediately. Companies recently compromised include Yahoo!, Battle.net and LinkedIn. It’s a good idea to change the passwords on your accounts every few months anyway.
Diversifying your passwords
– Say you’ve got a really great, complicated password like “B7YYm$0t4,” yet you’re using it as your Twitter password, bank password, computer password and for everything else imaginable. This is a bad idea. If a hacker accesses your Twitter, they can then go and access every other entity you do business with online. Using the same password can also put your employer at risk.
“It is always a wise strategy to utilize separate passwords for your personal accounts and your corporate identity. Besides good mnemonic strategies for remembering and creating strong passwords, utilizing applications like KeePass as a central password directory can greatly assist if you have too many passwords to handle. Using the same password for your corporate account as your personal accounts only puts your organization at risk.” – Ray F., Vice President of Network Security for HostDime
Imagine having a key that opened your house, your business, your car and your safe deposit box. Scary, right? Not only do you need to diversify your passwords, but your PIN numbers as well. Using the last 4 digits of your Social Security number for a banking PIN can only lead to trouble. Stop and think a moment about how many times you give out the last 4 of your social.
With the rash of hacking attempts of major online entities recently, password security is more important than ever. Keeping your password protected and diversified is as important as the deadbolt on your front door.