When it comes to making up and maintaining passwords, it is astonishing how complacent we can be… Everything that we access on the internet, that is on a personal and private level, requires an account username and password, (i.e. our internet service provider account, email, banking, purchasing, instant messaging, community sites, places of employment, etc.). The majority of us will use the same username and password for every account we access and will usually use one word (for the password) that is something that we hold close to ourselves (i.e. pet’s name, child’s name, nicknames, birthday, etc.) . Instead of using good password management practices, we end up using the same password for every account we setup or maintain and often never change that password. Another fact is that we will write the password(s) down on a scrap piece of paper; then we’ll stick it on the computer monitor, under a desk pad, in a desk drawer, etc… We innocently do these things, as a matter of convenience, so that we do not forget the password. I also know for fact that we, as humans, do not like change; even something as simple as changing a password.
What are the risks of weak password(s) falling into the wrong hands?
A person can access our accounts to impersonate us; steal our identity; monitor our activities; acquire personal information; sign our name to online service agreements and contracts; change our account information or profile, acquire credit card information, etc. To put this into perspective, it is not uncommon for online web mail accounts (passwords) to be hijacked and you the victim become locked out the account. You probably thinking, so what, my email account carries no value. Well it will when everyone in your address book starts receiving scam emails indicating that you are stranded in a foreign country and you need money; plus, you put each of those addresses, in your address book, at risk.
What to do (some basic password management tips):
- When possible, use a “Passphrase” instead of a “Password”. “Passphrases” are nonsensical sentences that are easily remembered. For example; by typing “My wife calls me donkey! Wonder why?” is harder to crack than using the password “donkey”; however, the problem we run into is that many services do not allot enough character space to type a full sentence or phrase. If you have to use a “Password”, use at least 7 characters, make it easy to remember, avoid dictionary words, avoid number sequences, and throw in an upper/lower case mix with some symbols (for example: Eye812!). The longer the password, the better.
You can test the strength of your passwords at Test Your Pas$word.
- Use good password management practices when protecting accounts that are very important.
- Do not share your passwords with anyone. Treat passwords as if they are the keys to your house.
- Do not use passwords that would be common to your profile as a person (i.e. birth date, dog’s or cat’s name, nickname)
- Do not use passwords such as Admin, Administrator, 12345, password, etc…
- Change the Password or PassPhrase on a regular basis. We have the tendency to not change our passwords for years.
- Use Password Management software such as KeePass or S10 Password Vault to manage, store and automate username and password form entries.
If you have any other password management tips you would like to share with the readers here, please comment below.