Know your Passwords – ECC Tech Tip

Know your Passwords?

Passwords are our first line of defense in our online world and most people think theirs are as strong as Fort Knox. Sadly, “fool-proof” passwords don’t usually translate into “hack-proof” ones.

Let’s step back for a moment and ask the question, “why would a hacker thousands of miles away from you want to steal your password used at your local public library?” The answer is easy. Most people tend to use the same password for everything. Your library password is probably the same one you use at your bank or at PayPal. Now we are talking about a potential return for the hacker’s work in stealing your password.

Here is another well-circulated bit of information about passwords. Most people help hackers by selecting poor passwords. What is a poor password? Some of the most widely used passwords in 2015 were: password, 123456, letmein, iloveyou, admin, qwerty and abc123. These are not passwords that challenge hackers.

Of course, the easiest way to get passwords isn’t hacking into individual personal computers, but to steal the password file from a large online company. In this situation, hackers can steal both userIDs and passwords. That is very helpful when trying to access your financial accounts.

Here are some suggestions to help you create secure passwords:

  1. Every password must be unique. In other words, don’t use the same password at more than one site.
  2. Longer passwords are harder to crack. If the site allows 25 characters, your password should be 25 characters long.
  3. Mixed-up passwords are harder to crack (numbers, punctuation, upper and lower case letters, etc.)
  4. Don’t use words or places found in the dictionary as the basis for your password. These are too easy for hackers to figure out.

There is one other factor that I think is important when creating passwords. If you can remember it, your password probably isn’t that secure.

It is time for a confession. I have more than 175 passwords that I currently use. For my safety, I don’t know any of my userIDs and passwords. I don’t have to because I use a password management application and it keeps up with everything for me. All I have to remember is the password used to unlock all of my passwords and the program takes care of the rest.

There are several good password management programs out there and Google will help you find the one that fits your needs. My wife and I use a program called 1Password. It is available for Windows, Macs, iPhones, iPads and Android devices. We have a shared database, meaning if I change a password while using my iPad, that new password immediately shows up on all of our gadgets.

We store more than passwords in our password management app. We have secure notes with our medical information, our favorite campsites, plus the dimensions of our Airstream safely stored inside 1Password’s encrypted database.

As a bonus, most password management programs will let you know if there is a security problem with a site you visit and then help you change a password that may have been compromised.

If passwords are your first line of defense, you need unique, long passwords that consist of a jumbled mess of letters, numbers and punctuation marks. The best way to keep track of them is by using a well-known and highly rated password management tool. This beats keeping them in an unencrypted note file on your PC by a mile.

Please contact a member of the ECC at the International Rally Tech Help booth if you want to discuss more about passwords.

Added 27 June 2016 by 3160