OK. Show of hands (that’s right I’m watching).How many of you use the same password forEVERYTHING! According to a survey done by the security firm Trusteer, 73% of you use the same password that you use on a banking website on other places on the web. I see it all the time in as work on computers. I recommend to people to use a different passwords for anything dealing with money. The answer I often get is, “Well, you are right but its just too hard to remember all those passwords.” These are the same people that live in nice homes and keep them locked and dead bolted all the time. Some even have security systems. I wonder if the PIN or password for it is the same as everything else.The best passwords are the ones that are easy to remember for YOU. There are several schemes that I will discuss on creating passwords that are tougher to crack but not so hard for you to remember. In the beginning, the computer administrator assigned you some randomly generated password that no one but Rain Man could remember. They were often forgotten which meant that they were often reset (more work for the techie types) OR they were written down for everyone to see thus defeating the point of having a password. Eventually it was just easier to initially assign a system password but let the user pick their own. So now that brings us up to present day. So in choosing a password lets start with a few guidelines.Password Do’sDo make your password at least 8 characters in lengthDo make sure it includes a character from each of the following groupsUpper case alpha characters (A-Z)Lower case alpha characters (a-z)Numbers (0-9)Symbols (!@#$%^*()_-+=,./[]:)Do change your passwords regularlyI know that last one is hard for any of us to do but at the very least change the passwords on anything dealing with money on a regular basis (3 to 6 months). Also, when using symbols, avoid using the ampersand (&) as it has been known to cause problems with certain systems.Password Don’tsDon’t use words found in a dictionary of ANY languageDon’t just substitute a letter in a word with a symbolDon’t start or end your password with a numberDon’t use a word spelled backwards, common misspellings or abbreviationsDon’t use the word Password (one of the most common passwords on the Internet)Don’t use a number sequence (123456), repeated characters (33333333) or adjacent keys on the keyboard (qwerty)Don’t use any personal information like your birthday, name, social security number, drivers license number, etc.I know, I know, more don’ts than do’s but now you have the basic rules to start with. There are several schools of thought on what makes an easy to remember password. One involves substituting some letters or words for symbols and numbers.The rules below is an example of how you might do substitution (please note these are NOT the rules I personally use):Replace all the ‘a’ with @Replace all the ‘s’ with $Replace any space with %Replace any ‘o’ with 0Replace any ‘i’ with !Replace word to, too, or two with 2Replace word for with 4Replace word ate or eight with 8My favorite is to start with a phrase you is common to you and use that as the basis of your password. Then remove most of the vowelsFor instance, “Swing low, sweet chariot, coming for to carry me home” could be translated into the following password:Swng%lw,%swt%chrt%cmng%4%2%crry%m%hmNow that might be too long a password for some websites so you could just take the first letter from some words like this:Sl%Sc%C42cMhA little shorter and still using the base phrase as the starting point. Also notice how I capitalized every other letter and substituted % sign for the commas. But once you have your basic rules, you can convert any phrase to a password. Now once you have created your password, you can see just how good it is using the onlinePassword Meter.Password ManagersIf you are using a lot of passwords, you might consider using a password manager. This is software that stores your passwords, PINs or other logon information and will automatically log you into websites. These in turn are protected with a master password. Many Internet Security programs include a password manager. I personally use theNorton Identity Safethat comes with Norton Internet Security. There is even a feature that will securely store your passwords on the web so that any computer you use that has the Norton Toolbar will give you access to your passwords when you log in. Two other notable password managers that I often see areRoboFormandLastPass. Both offer an online sync solution so that you can use your passwords anywhere their programs are installed. RoboForm offers a free trial. LastPass is free unless you want to upgrade to the service that allows you to sync your passwords online. Another sync feature that is offered in Firefox that allows you to share logon information as well as bookmarks on any computer that you use Firefox with. The downside to this approach is that Firefox itself is not password protected so anyone that has access to your computer can get your passwords.I’m going to start offering LastPass when I service computers as a way to help my personal clients improve their online security. I will let all you know at a later time how that works out.Now if all this sounds too overwhelming to even start with, another approach that I endorse is to have a a tiered approach to your passwords. What I mean is for websites that you don’t care about being broken into, use the same password. For email accounts, Facebook or other websites that do not involve money use a stronger common password with an extension designating what it is. Taking the last example from above, we would make our Facebook password: S%l%S%c%C%4%2%c%M%h_Fb and our Yahoo Mail password would be: S%l%S%c%C%4%2%c%M%h_Yh. Remember though, anything involving money, banks, investing sites, credit cards, etc still need a unique and strong password.References:Study: 73% use bank password everywhereReused Login CredentialsTips for creating strong, easy-to-remember passwordsCreate Strong PasswordsThe Top 10 Most Common Internet PasswordsHow To Create Strong Passwords That You Can Remember Easily
...read more
