Saturday, April 14, 2007
Online Safety - About Passwords
A problem that many people have regarding passwords is that they FORGET THEM! In most cases, this worry (or actuality) about forgetting passwords makes people try to come up with more memorable passwords.
In doing so, most people end up using 'familiar' words. In an effort to be able to use their 'regular' or 'common' or 'most used' passwords QUICKLY (in a hurry), which only make the passwords EASIER FOR HACKERS to uncover! Often people will use children, parent or pet names, birthdays, or the numerical digits of the current month - as password material - when they sign up for various internet products, memberships or services that require passwords.
Hackers can easily dissemble and figure out such information - they are EXPERTS at working with alphabet characters used for passwords and are CORRECT in assuming that they'll be working with the alphabet. The alphabet has a finite number of characters (26) and even if 'caps' are added, this brings the total of possible characters to 52! Computer programs can easily handle 'combinations' for only 52 possible characters and I won't even hazard a GUESS as to how many kinds of 'combination generator' programs have been made to DO JUST THIS and provide every combination of a 52 character-string that is possible!
Many security information sites I've visited suggest that users make passwords that aren't stricly considered 'WORDS.' (There are also some 'info-sites' that suggest the opposite, and I will mention these AS A WARNING TID-BIT at the end of this post).
A first step in following this advice and arrange a 'more secure' password is to make sure and use a numerical digit within your word, if you still insist on using a 'word' that is simple enough to remember. Remember, this will only make your password 'more secure' but your password will still be relatively easy for a hacker to deal with and uncover. Adding a number to your password will make your password slightly better than if you use only letters, so if for some reason, you can only do this with your password, DO IT! Any 'better measure' that can be taken, rather than only using letters - is much recommended!
A next step to making the your password just a little bit tougher for hackers to figure out - is to use other symbols as well as letters and numbers - wherever possible. Some sites won't accept anything but numerical or alphabetical data, but use whatever is allowed - whatever will give your password more variety of characters.
A further step, where possible - that will make a safer password is the 'passphrase.' Though a passphrase will still use words, it will likely also allow numbers and other symbols. Even if it only accepts letters, the password will be much LONGER than 'password-cracking' software that most hackers use and will include SPACES that will hinder a hacker's ability to 'crack' it. The sheer TIME IT WILL TAKE a hacker to figure out more combinations of words, letters, numbers, spaces and additional symbols will probably not be worth a hacker's time - thus, you have heightened your security.
Many of the sites that will accept the 'passphrase' will have excellent, well-monitored 'tools' on their site to help you with the creation of your passphrase, so go ahead and use passphrases wherever you can!
Additionally, use a password management tool. Most are designed, not just to make passwords difficult for hackers by way of 'form,' (the password, itself looks difficult for hackers to figure out), but also by special encryption benefits written into the password management tool software! That is - the program might actually be 'active' and re-write password codes FOR YOU, making your passwords LOOK DIFFERENT TO HACKERS everytime you need to use a password.
NEVER USE THE SAME PASSWORDS FOR DIFFERENT ACCOUNTS!
About sites that make suggestions about how to make 'easy to remember but secure passwords.' Read the information carefully on sites like these. If their advice say, in fact, to use 'easy to remember' words - Don't Go For This!
The only time that an easy-to-remember password might be worth using - is if you know you are going to be changing the password within the next half hour - into something MORE SECURE!
I understand that when doing 'account creation' online - where 'confirmation emails' are often part of the process, making the 'sign-up' process require more time - you might want to fill out account information in a hurry. Use your own judgement with this, in making an 'easily-hacked' password when you're in a hurry!
If you do this - CHANGE YOUR PASSWORD AS SOON AS THE ACCOUNT IS CONFIRMED AND FUNCTIONAL!
Many sites offer 'password suggestions' during sign-up...if the suggestion contains numbers, go ahead and use them - then CHANGE YOUR PASSWORD ANYWAY AS SOON AS THE ACCOUNT IS CONFIRMED AND FUNCTIONAL!
Other sites give 'helpful' information about making passwords and their information is simply OUT OF DATE.
Number combinations with just letters USED TO BE a fairly secure way to make a password several years ago. This isn't the case anymore, so...
PLEASE BE CAREFUL...
Subscribe to:
Post Comments (Atom)
1 comment:
One great way of mainitng all passwords is using a reliable Password Manager Software. One such reliable, safe (Truste and Verisign Certified) Password Manger is Free Password Manager Plus by Billeo. It comes with additional features and benefits.
Check Out: www.billeo.com
Post a Comment