Creating Strong Password May Not Be Enough
Passwords are one of those every day nuisances of online life. Just about everything you do online, short of browsing the news, requires a password.
Why are we even still using passwords? This is technology that was developed in the 70s when only a few scientists and researchers were using the net with green screens and cryptic DOS commands. Surely there is a better way.
And let’s face it, once you get an online presence on many sites from credit cards to banks to email and retail sites, you end up with multiple passwords, all with differing requirements.
Some sites make you include numbers or capital letters, while other require that you include at least one special character using the key on your keyboard.
Once way people try to get around all of the password confusion is to use the same secure password across many sites so they do not get confused whenever they try to login.
However, all security experts will tell you that this is a terrible idea, particular if they contain financial or other sensitive data. If hackers are able to crack one site’s security and still their lists of passwords, then they would have your password to many other sites with a little detective work. Sure, they still need to know your user name for the other sites, but why do you want to give them 50% of the solution to the puzzle?
In fact, even so-called secure passwords that require we just through a lot of hoops may not be as safe as we thought.
Recently, articles in the news suggest that despite our best efforts to create passwords that are difficult to hack, it may be all for nothing because of the way they are stored on any particular site’s database.
It seems that an alarming number of websites do not encrypt the actual files that contains the password data, so if that file is stolen, it does not matter how many special characters or combinations of odd letters and numbers you have in your password, getting your password is as simple as reading a text file.
As unnerving as that is, you can only control what you can control in life how the security practices of various websites is beyond your scope. Hopefully as more light is shined on the vulnerabilities of the web in general, more sites will start to take customer and user privacy and security more serious.
If you are worried about your online financial information being stolen, you can take some solace in the fact that most major financial institutions, credit card companies and major online retail outlets take security very seriously, although nothing is ever really 100% secure on the internet.
It is the smaller websites where you should be concerned with everything from password security to personal information like credit card, name and address. I would be very careful where I store a credit card number online. If it is a smaller, lessor known website, I tend to pay through PayPal where you only have to give the site your associated email address, similar to the way you are paid on Infobarrel.
Here are some tips to control what you can control with your online security with the best passwords.
What can you do to protect your accounts online? Strong passwords are your first line of defense. Whether the site encrypts them or not, you should be mixing and matching characters, not simply entering password123.
Most people do not realize how easy it is to hack a password with free online software such as John the Ripper. A typical password can be cracked in seconds because they are not random enough.
How to Create a Strong Password
- Create passwords with numbers, letters, caps and special characters
- Do not get cute using symbols such as @ for the letter a: example- p@ssword
- Change the password every month
If you do not think your password numbers are random enough, there are secure password generators available online. Using a password creator will assure that you have a much different login for every website.
Amazon Price: $52.00 $21.99 Buy Now
(price as of Sep 11, 2015)
Best Password Managers
If you have 20 different logins and passwords for various websites, how do you keep track of them all?
There are two methods I use. First, I use a free password manager from the Norton Suite of products offered free to Comcast users. Whenever you go to a site and login, it will ask you if you want to store the login credentials. If you select yes, the next time you go to the login page of that site, the information will automatically appear in the appropriate boxes. There are other password apps available online, some free, others not.
What if someone steals your laptop you ask. Won’t they have access to all of your accounts through this password app?
Yes and no. The best password managers require a master password to access the various other passwords. So without first entering the master, the other logins will not show.
However, yes, you are correct, anything can be hacked by the right person. But that has not discouraged me from using the manager. It is a calculated risk for me. My laptop never leaves my home unless I travel, and I guard it carefully.
As with anything in life, you can never be 100% secure, even in regard to your personal safety, so I consider it a fair trade-off to manage multiple complicated sign-ons.
Use Excel as a Backup
Additionally, I keep all of my passwords in a password protected Excel spreadsheet on a separate thumb drive, which itself is encrypted and required a password to open. Yes, that Excel sheet is the key to my kingdom, but I keep it well guarded.
If you are interested in storing password in Excel using a password to open, simply click Save As. In the box that opens, look for “Tools” to the left of the Save button. Pull that menu down and select General Options. Enter a “Password to Open”. It will require you to enter it again to make sure there are no spelling errors.
Amazon Price: $5.49 Buy Now
(price as of Sep 11, 2015)
Do not forget about mobile security either. In fact, many people do not have any sort of virus or security protection on their smartphone at all.
As with anything in life, you can never be totaling safe from every possible outcome. Just as you do not wall yourself off from the outside world behind 20 foot high walls with armed guards, there are certain risks with being online that will always be present. Until every Systems Analysts on the web starts to take security seriously, we are all somehat vulnerable.
However by controlling what you can control, you can at least make it much more difficult for thieves to gain access to your personal information. And it does not have to be a grueling process with the use of the best password managers.