Hackers, Passwords, and Online Identity, Part 1: Forgot your Password?
This is the first in a three part series on Net Security and Privacy following ‘Change your passwords day’ which occurred on February 1st. It discusses recent online attacks, privacy concerns, and realistic net security tips for the rest of us.
Part 1: Forgot your Password?
Freedom to online privacy is your right. This article aims to give you a guide to what to set as your passwords, and how to make the net as secure as it can be for you, without bombarding you with a lecture you’ve heard far too many times.
Stored in the ever expanding web of data, information, and connections known as the internet, is most likely everything of importance to you in your life. I, for example, have data such as my address and phone numbers amongst other private information stored online. But more importantly, my bank account details are somewhere in there too. Every little part of my identity (except that stored in the organ inside my own skull) is on the internet. And in the wrong person’s hands, could prove devastating. I’m ready to bet you’re the same too.
Yet all of this data and personal information is accessible through just a series of passwords: letters, numbers and symbols, which arguably are hackable. While it could take years for even supercomputers to hack their way into my accounts, and likely yours, it is a scary thought that someone, somewhere, may have the ability to compromise your data. Not everyone is as security conscious as me, no doubt someone reading this has a password such as ‘letmein’, which is one of the most commonly used passwords according to ‘Infoworld‘, and that person is so vulnerable to malicious attacks, it is hard not to feel for them.
So what can be done immediately to protect us from the dangers we face? In reality, you should have a different password for each and every site you login to, however realistically, this is never going to happen. It would be a nightmare to remember them all, and getting them muddled up would not be hard. You mat like to make use of a password database site, such as LastPass, which stores all your passwords so you can never forget them, yet logging in to access this on a shared computer would be a a huge risk. So below, is a guide for formulating a balance of security and convenience with passwords, by using and combination of 5, secure, safe, and targeted passwords.
Password 1:
This should be your master password. This is used ONLY for a password manager, such as LastPass. This password should consist of all Letters, Numbers and Symbols, and should follow the rules depicted later in this article on making a secure password. You should give it to one person who you trust, a member of close family for example, so they can access all of your passwords when you die, or really need access. You should change this about twice a year.
Password 2:
Email Address. Your email address password should be one of the most secure. Remember anyone with it can simply use the ‘Forgot Password…’ button on a variety of sites to get a password emailed to them. This should be changed once or twice a year, and you should keep it entirely to yourself.
Password 3:
Online Banking. In modern day life, much of your banking is likely done online. You really need one password for each of your bank accounts, including your PayPal account, just incase one is breached. Usually, banks have good measures in place to force you into choosing a secure password. These, once again, should be as secure as possible, and if not stored in your password manager, should be kept by a trusted third party, or a spouse who also has access to that account. Try and change this yearly, like your email address.
Password 4:
Social Networks. Instead of having a password for each and every network, have one, pretty secure password which only you know. It should be memorable, and while still secure, if you don’t have too many compromising details on your networks collectively, you may like to choose something quick to type, rather than long and therefore awkward. This should be changed whenever you log in to a public wifi network or use a shared computer. Tell this password to no-one, unless you want to be highly embarrassed at some point.
Password 5:
Other Sites. Every so often, you may join a site, or a network which you trust, but don’t want to be sharing vast amounts of personal details with. Use this password for them. Keep it to yourself, and keep it secure, you may never need to change this, although I still recommend yearly.
So 5 passwords is probably enough, yet remember you can never be too secure. This is far better than the vast majority of people who use the same password for absolutely everything. But what should you choose for these passwords? To begin, here are the top 10 most commonly used passwords, which for the sake of your identity, I forbid you to use:
- password
- 123456
- 12345678
- qwerty
- abc123
- monkey
- 1234567
- letmein
- trustno1
- dragon
It is scary to think how many people obviously haven’t grasped the importance of a strong password, and it is hard to stress just how important it is to have viable protection against brute-force attacks. It seems that ‘password’ is a poorly devised term to represent what should never be a real word. It can represent a word, or many words, but any phrase you can find in the dictionary should be put aside. So how do you compose a good password?
Making a Secure Password
The ideal password undoubtedly, includes letters, numbers, and symbols, and is over 8 characters long. These could be random, yet it is reccomended that you base them on sequences which mean something to you, and only you; this rules out the risk of forgetting it. The table below explains how long it would take for a computer to hack different types, and lengths of passwords, thanks to Forever Geek.
To decide a password, try using the following slightly crude method: First, think of a obscure word which means something to you, such as the surname of someone you are not in contact with anymore, such as Smith. So we start the password, with Smith. Then possibly the numbers of an old phone number, 475245, and then the last 3 digits of your postcode 6QJ, add a random symbol, $, and there you have it: Smith475256QJ$. This may seem rather far fetched, but by doing this, you follow fundamental principles of net security. The length of the password really depends how important the data you are protecting is. The example is best for a bank account.
Another common method for choosing a secure password, is to find a phrase or quote and condense it into under 15 characters. For example, the quote: “Royale with Cheese” could be turned into: Rylew/Ch5e! It’s memorable, secure, and depending on the quote you choose, possibly inspirational.
Remember: Variety, Secrecy, and Memorability, and you will be fine.
Look out for Part 2, which will explore recent malicious attacks on banks, networks and the government as part of serious, dangerous hacking, and how to protect yourself from it. And then Part 3, which discusses privacy online, and keeping an identity safe.
All information in this article is correct, and to the best knowledge of the author at time of writing, yet neither the author, or The Urban Times can be responsible for negative impacts after following the advice included.
Informative information to retrive our banking passwords.
[...] online attacks, privacy concerns, and realistic net security tips for the rest of us. Part 1: Forgot your password? Source: Schuilr on [...]
[...] recent online attacks, privacy concerns, and realistic net security tips for the rest of us. Part 1: Forgot your password? Part 2: Who can you [...]