OK. Hands up how many of you have a password that combines your cat’s name with your birthday. Just me then? Somehow I don’t think so.
We know it’s wrong, but it’s easy, and anyway, what are the chances of something bad actually happening, right? Think again.
According to the 2017 Norton Cyber Security Insights Reports, last year cyber-criminals stole $172 billion from 978 million consumers. So maybe it’s a good time to revisit appropriate (and effective) password etiquette.
Here are some tips from the Centre for Arts & Technologies Network Security Students…
STRONG PASSWORD CREATION
DON’T use personal information: It’s strongly recommended that you don’t include any words related to your name or names of family members or pets in your passwords. Also, don’t include easily recognizable numbers like your address, phone number or birthday.
DON’T use real words: Password cracking tools are very effective at helping attackers guess your password. These programs can process every word in the dictionary, plus letter and number combinations until a match is found. Steer clear of using “real” words from the dictionary or proper nouns or names.
*Top Tip: Use mixed characters. By combining uppercase letters with lowercase letters, numbers, and special characters such as “&” or “$” you increase the complexity of your password and decrease the chances of someone hacking into your system.
DON’T Use Common Words In Your Password: Sure, ordinary words may be
easy for you to remember, but they’re easy for everybody to guess as well. Thieves know them, and the tools they use to break into accounts try these words before anything else. Avoid using words in passwords entirely!
You should also avoid using common sequences of numbers, as well. Any variation on “!23456” is just too easy to guess.
DON’T Use Any Identifying Number As Your Password: Any number that people can easily associate with you doesn’t belong in your password. Phone numbers are too easy to link to your account, and leaving your Social Security number in a database (even a supposedly secure password database) is just too dangerous. Keep your personal numbers out of your password.
DO create longer passwords: It is generally recommended that passwords be at least eight characters in length. Probability dictates that longer passwords are harder to crack.
Modify easy-to-remember phrases. One tip is to think up a pass-phrase, like a line from a song, and then use the first letter from each word, substituting numbers for some of the letters. For example: “100 Bottles of Beer on the Wall” could become “10oBb0tW”.
SAFE PASSWORD STORAGE
DON’T write them down: Resist the temptation to hide passwords under your keyboard or post them on your monitor. Stories about hackers getting passwords by dumpster-diving and “shoulder-surfing” are absolutely real.
DON’T email somebody your password: If you do decide to share a password with someone you trust, don’t share it via e-mail. Not only does the bank get really angry when you share your account, but you don’t know what could happen to the e-mail account of the person to whom you send the e-mail. Just because you do your best to ensure security on your accounts doesn’t mean everybody does.
DON’T Share Your Password With Somebody You Don’t Know: Duh. If you wouldn’t trust someone with your wallet or your car, don’t trust them with your password. There’s no telling who’s on the other side of that e-mail account or phone number. Ask anybody who’s ever exchanged pleasantries over e-mail with a Nigerian prince asking for a little financial transaction.
DO use a password management tool: One way to store and remember passwords securely is to use a tool that stores your list of user-names and passwords in encrypted form. Some of these tools will even help by automatically filling in the information for you on certain web sites.
DON’T Type Your Password When Using The Internet On A Network You Don’t Trust: Hey, look! That network advertised on the sign that says FREE WIFI at the airport or hotel surely has to be safe, right? Wrong.
If you’ve never been on the network before and it seems too good to be true, please stay off of that network. Verify that any public network you’re on is valid before conducting important business on it.
If you’re at a hotel or airport or even somebody else’s house, ask someone with some authority or knowledge before you access the network. And even then, use a VPN to ensure that your traffic is secure and encrypted before you proceed with any major decisions, like taking out a mortgage or Tweeting a picture of your meal.
PASSWORD UPDATES & MANAGEMENT
DO change passwords on a regular basis.
Online financial accounts should be changed every month or two, while you may choose to change your computer log-on password every quarter.
DO use different passwords on different accounts.
Don’t use the same password on more than one account. If a hacker discovers it, then all of the information protected by that password could also be compromised.
DON’T type passwords on computers you do not control.
When using your laptop in a Wi-Fi Hot Spot or a computer at an Internet café, you want to avoid any actions that require a user- name and password (such as online banking or shopping) because your data could be intercepted over the wireless network or with keystroke logging devices.