Gmail. Facebook. Bank of America.com. What do they all have in common? Well, they all require user names but more importantly, they require passwords.
Passwords have become a vital component in the Internet age. Online banking and social websites all require us, the users, to supply personal information we need to protect. The password is a critical element of that protection. Unfortunately, users do not always use best practices as it relates to passwords.
Who can blame them? Using a mental count I can think of no less then 16 different websites and email accounts I access that require a password. Sixteen and I am sure I forgot some. It is no wonder that we become lax in our password practices either using very simple passwords like....”password” or using the same one for all our logins. Well this can be a very dangerous practice.
For example. I have used a popular website called Ebay to buy and sell goods. For those not familiar with Ebay, it is an online auction site that allows users to buy and sell just about anything that has value. Now Ebay requires that you have an email attached to your account so you can receive correspondence through the service. Imagine my surprise one day when I logged on to my email and found I had posted 12 auctions with items to sell. I immediately went to my Ebay account but was unable to login because a hacker had cracked my password and hijacked my account. Fortunately, and to Ebay’s credit, they saw the unusual activity and locked my account. Had they not, I could have had buyers who paid a hacker for items I did not have to sell, and I would have taken the heat. All because of a lazy password and a good hacker.
So how do you follow good practices as it relates to passwords?
n Avoid weak passwords like your name, a pet’s name, common computer terms, common cities, etc. Also adding a number in front or back of those terms does not increase their effectiveness. Birthdays and phone numbers also are poor passwords and passwords like 1234 or ABCD are obvious bad choices. A password should be at least more than eight characters.
n A strong password contains both upper and lower case characters. It should have digits and punctuation characters as well as letters. Again, it should be at least eight alphanumeric characters long. If possible do not use a word in any language, slang, dialect, jargon, etc. Passwords should not be based on personal information, names of family, etc. Avoid writing them down and never have them stored on-line.
n Try to create passwords that can be easily remembered. One way to do this is create a password based on a song title, affirmation or other phrase. For example, the phrase might be: “The Star Spangled Banner” which converts to a password like “Th3StSPBaN.” A phrase like “Why did the chicken cross the road” could create a password “whYdChicr0th3RD.”
n Most important! Change passwords regularly, even if just a slight change. The more important the access portal, like your banking website, the more often you should change the password.
I can hear the grumbling now. “How am I supposed to remember all the passwords?” In this age of online access and identity theft, consider the alternative. An empty bank account or credit cards fraudulently opened under your identity are real threats. Take your passwords seriously, or be prepared to face the cyber consequences.
Michael Shaffer, of Computer Renaissance of Bradenton, can be reached at (941) 753-8277 or at firstname.lastname@example.org.