How to keep safe with strong passwords -Internet security is based on the “weakest link” principle, and passwords are often times the only method of protection. Passwords are our first line of defense when trying to protect our computers, our online accounts, and our data. We all know that “strong” passwords are better than “weak” passwords, but what we don’t realize is that hackers are becoming increasingly sophisticated at “cracking” passwords. We should routinely change our passwords to stay ahead of hackers, but more importantly, we need to be aware of the techniques they’re using to steal them in the first place.
Think about what we have protected by passwords and understand the consequences if someone steals them – email, bank accounts, contact lists, websites, photos, files and whatever else we have on our computers. Files can be changed or deleted; computers can be turned into servers that send out spam or viruses to your contacts and your internet connection can be used for other malicious tasks. Let’s Understand How Passwords are Stolen Think about the following frequent tactics hackers use to break-in when thinking of a “strong” password.
- Guessing A lot of times programs are written to simply guess a user’s password. They scour the web to find and use personal information such as names, birthdays, friends’ names, pets’ names or even hobbies as a starting point. From there, they manipulate that information, even spelling it backward.TIP: Do not use any personally identifying data in your password.
- Dictionary-based AttacksSometimes, programs are used to try every word in the dictionary or another type of word list to try to find the password.
TIP: don’t use actual words – even in a foreign language - “Brute Force” AttacksBrute Force attacks are simply trying every conceivable combination of key strokes in tandem with a username and they often succeed at discovering the correct password fairly quickly.TIP: use a long, complex password that uses upper case letters, lower case letters, numbers, special characters and punctuation marks.
- PhishingPhishing scams often try to get you with an “urgent” message or email. Sometimes, they appear to have come from a friend, a financial institution or other legitimate sources. They’ll include a link that will take you to a malicious website designed to trick you into entering information like your username or password.TIP: If you receive an email or other messages with a link, often times if you simply HOVER your mouse over it, you can see where the link will take you if you click on it. For example, if Bank of America sends you an email with a link and you HOVER your mouse over it, you may see something like this in the bottom left of the screen or pane (https://bankofamerica.com). However, if something doesn’t seem right (spelling is a BIG giveaway), that same link might be displayed (when you HOVER) as http://bankofamerica.com.thisisntagoodwebsite.com…. Pay attention to links BEFORE you click on it.
- “Shoulder Surfing”How many times do you feel someone peering over your shoulder at your neighborhood coffee shop, library, break room or even your office? Passwords are not always stolen online!TIP: try to enter passwords quickly and without looking at the keyboard.
OK – Now Let’s Create a Strong Password
Here are some things to consider when creating a strong password:
- Use BOTH upper and lower case letters
- Place numbers and punctuation marks randomly within the password
- Make your password complex and fairly long – usually a minimum of 7 characters
- Use the special characters on the # keys:! @ # $ % ^ & * ( )
- Consider using a phrase or song title as our password
For instance, “Unchained Melody” becomes “unCh!M3L0dy^” or “Learning to Fly” becomes “L34rnG2F1y*” - Make your password easy to type easily
Let’s Use Your New Strong Password
Now that we have a strong password, let’s use it:
- Use different passwords for different things; that way, if one password is compromised, the other accounts won’t be at risk.
- Change your passwords on a regular basis
- Don’t share your passwords
- Never “Save Password”, even if you’re prompted to do so. Pre-saved passwords might be convenient, but it makes it simple for anyone else using your computer to gain access
Remember, strong passwords are our first lines of defense when it comes to protecting our digital footprint. Let’s create them and use them correctly.