Golden Rule to Internet Security: Change Your Passwords
In today’s technology-powered world, everything from our emails and social networking sites to our Internet banking details is protected by invisible walls built on code, accessible by us with a string of characters, also known as the password. As technology continues to better (and plague) our lives, it has become inevitable that our information can be, and is, stored online.
And why not? You get easy access to it regardless of where you go, where you are, and let’s not forget the convenience of not having to queue up to settle your banking and official matters (that electricity bill isn’t going to pay itself).
These days, even shopping can be done online. You can even order anything from fashion items to fast food, luxury items to everyday groceries over the Internet. We know how to use these tools and services, but do we actually know how to keep our online accounts and information safe?
If you secretly answered yes to that, then you’re in luck. Skip ahead to ‘Check the Strength of Your Password’ to give your password a try. See if it is actually strong enough to withstand hacking.
Hacking and Passwords
First of all, let’s make this clear: there is a difference between leaving your Facebook account logged on, and getting your account hacked. There are skills involved when it comes to hacking (and sometimes it’s just pure, yet smart, and brutal guesswork).
Now, you probably already know through movies and pop culture that the individuals who hack are called hackers. What you may not know is that they may come in several forms – designated by the color of hats, defined by their intent. Here’s a brief round-up:
- ‘White hat’ hackers: Security experts
- ‘Black hat’ hackers: computer criminals
- ‘Grey hat’ hackers: undecided
- Script kiddie: A hacker in progress
Recently, two online security breaches occurred, which prompted the writing of this topic. In the first, a hacker broke into 6.5 million LinkedIn accounts in June 2012, obtained their emails and passwords, and listed half of them online.
Here’s an infographic by rapid7 about the top 30 LinkedIn passwords that were cracked by the hacker, which were then posted on a Russian hacker forum. See any of the passwords in there that you are using right now? If you do, you really need to change your password.
The second incident of concern was the Dropbox password leak, in which users had used the same username and password for their Dropbox account as they had for other third-party accounts they own. It’s like having the same key for all the doors in your house. Open one, and you can open them all. Why tempt them by making your fort so easy to break into?
Creating a Strong Password
So passwords are important, but do you know what makes for a strong password? The general consensus, which is available everywhere on the Net, and I mean everywhere, is that it should NOT:
- contain words that can be found in the dictionary,
- be in sequence or in repeated characters,
- contain particulars about your name, birth dates, social security, passport, driver’s license or any identifying documents. The same goes for details of your close family members.
It’s best to use a complex, varied and long-enough password to secure your accounts. The password should carry at least 8 characters and be a combination of numbers, symbols and letters in both lower and upper case. Change your passwords regularly to keep them effective.
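The rules above, turned into a small Python checker as an added example (not part of the original article). The tiny word list, the function names and the run length of three characters for "sequence" and "repeated" are assumptions made for illustration.

```python
import re

# Constructed sample list; a real checker would load a full dictionary
# and a list of passwords known from breaches.
COMMON_WORDS = {"password", "dragon", "monkey", "welcome", "linkedin", "sunshine"}

def has_sequence(pw, run=3):
    """True if pw contains `run` consecutive ascending or descending characters (abc, 321)."""
    codes = [ord(c) for c in pw.lower()]
    for i in range(len(codes) - run + 1):
        diffs = {codes[j + 1] - codes[j] for j in range(i, i + run - 1)}
        if diffs == {1} or diffs == {-1}:
            return True
    return False

def has_repeat(pw, run=3):
    """True if the same character appears `run` or more times in a row (aaa, 111)."""
    return re.search(r"(.)\1{%d,}" % (run - 1), pw) is not None

def check_password(pw, personal=()):
    """Return the list of rules from the article that pw breaks (empty list = passes)."""
    problems = []
    lowered = pw.lower()
    if len(pw) < 8:
        problems.append("shorter than 8 characters")
    classes = {
        "lowercase letter": r"[a-z]",
        "uppercase letter": r"[A-Z]",
        "number": r"[0-9]",
        "symbol": r"[^A-Za-z0-9]",
    }
    for name, pattern in classes.items():
        if not re.search(pattern, pw):
            problems.append("no " + name)
    if any(word in lowered for word in COMMON_WORDS):
        problems.append("contains a dictionary word")
    if has_sequence(pw):
        problems.append("contains a character sequence")
    if has_repeat(pw):
        problems.append("contains repeated characters")
    # `personal` holds names, birth years, ID numbers and similar details.
    if any(p and p.lower() in lowered for p in personal):
        problems.append("contains personal details")
    return problems

if __name__ == "__main__":
    for candidate in ("123456", "aaaaaaaa", "tR7#mWq9!vLz"):
        print(candidate, "->", check_password(candidate) or "passes every rule")
```

Passing every rule only means the password avoids the listed mistakes; it is still only as safe as the site storing it, which is why reuse across accounts matters.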
Check the Strength of Your Password
Not convinced that you should change your password(s)? Here are three websites that can help you check the strength of your passwords.
This site will tell you how long it takes for the computing power of a normal desktop PC to crack your password. The longer the time displayed, the stronger your password. Try it with ‘123456’.
Another password strength checker that tells you where your password stands with instant visual feedback. Just for the fun of it, try to make a password that will give you a BEST reading like what you see below. A long password does not automatically ensure you get a BEST reading.
Length factors into this password strength checker, unlike the previous website. The site also carries some information on how to make strong passwords.
Forgot your password?
Experts say that you should generate unique passwords for every account you have online. This would ensure that even if one account has been compromised, the same password would not work on the other accounts that you have, even if you use the same username for each account.
If you do, however, take this advice to heart, then you might face another problem: remembering all your unique passwords.
Here is a workaround to help you conquer and manage your passwords, and no, it doesn’t involve taping your password to your screen. Have a generic personalized bit of the password, one that you can add to each unique password just to make it harder to crack. Let’s use g33k as a (flimsy at best) example.
Then, fall back on something about the site that will occur easily to you to complete the password, for instance:
- Logo: for Twitter you can use g33kBluBi*d
- A variation of the name: g33k@fasbUK
- Service: g33kMYemelz
Feel free to jazz up the spelling so that it doesn’t reflect a word in the dictionary, in any language. Spruce it up with a mix and match of lower and upper case letters, and sprinkle some symbols in between to add flavor to your passwords.
This way, even if you forget your exact password, you can easily regenerate it based on your personal inclinations, and try until you can regain access to your account. When all else is lost, retrieve your password by following the site’s instructions.
I’m no expert in creating and managing passwords; in fact, I get locked out a lot, which can be a pain. But why go through all the trouble when there are plenty of tools found online that can help us manage these invaluable passwords? Some tools can even generate, manage, and store your passwords for you. But tools are just tools; they still need someone to find and use them.
So before you become a victim of a hack, or lose control of your personal accounts online, do some spring cleaning and change those keys to your gates. You never know which of your accounts could be the next target of a hacking exercise.