Creating Secure Passwords

October is National Cyber Security Awareness month, and we figured we would provide some great tips and tricks on how to create secure passwords.

We use passwords so much these days that it’s second nature. What we don’t realize is that it’s often the first and last line of defense keeping ‘baddies’ out of your email, Twitter, Facebook, financial accounts, and life.

According to one study, 73% of all Americans have fallen victim to some type of Internet crime during their lifetime. Nine million people are victims of identity theft and an estimated 600,000 Facebook accounts are compromised daily.

Here are some great tips and tricks to creating secure passwords.

 

Forget using a password. Use passphrases.

Passwords are dead. The typical password lengths we see at our firm are somewhere between 8-9 characters in length. Unfortunately, it is pretty much the limitations of our minds. Instead, choose a passphrase that allows you to get to 20 or 25 characters in length. It is far more difficult to remember “Dc#GRe3!” than it is “My mother is an amazing and beautiful women!” It is far easier to remember, and at the same time, far more challenging to crack. Don’t forget to include Upper Case, Lower Case, Numbers and Special Characters! (Use them all)

Please avoid: using dates (birthdays, anniversary dates, birthstones, gemstones, kid’s names, friend’s names pet names, nicknames, swear words, or any of the above in a foreign language). Basically avoid anything you can find on your Facebook or Social Media.

It doesn’t hurt to use your favorite lyrics, bible verse, poem, or script to reference upon. I’m sure everyone has “a lovely bunch of coconuts” (Think Merv Griffin and Lion King)

Mix it up.

Don’t use the same password on every single site. Ask yourself this: If I were to loose access to this account, how much trouble would I be in? Typically, that means your financial accounts would come in as number one, with your email accounts a close second. These accounts are the ones you want to avoid using the password on any other site.

If you do online banking especially, it is even more imperative to ensure that that particular password is never used elsewhere.

We must tell lies

I hate those pesky security questions. Essentially it’s the same as if a bad guy can’t get in the front door, they will get in the backdoor. Information to those security questions can be found with a quick Google search.  Especially your high school mascot.

If anything, avoid the question at hand and replace it with something else only you would know. For example, what is your favorite color is one of my personal pet peeves. No matter how hard you try, there will always be a set number of colors and it is as simple as writing a small programming script to guess it. If you are absolutely stuck, add a few adjectives in front to help, like instead of brown, answer with “baby diarrhea brown”. Extremely horribly visual, but it slows the bad guy down.

Like earlier, avoid using anything that can be found on Facebook or Social Media.

Embrace Change

CHANGE THOSE PASSWORDS EVERY THREE TO SIX MONTHS! That includes your WiFi passwords my friends.

Too many passwords?

Use a service like LastPass. Please do not use those password managers found on browsers though. They are extremely easy to get at.  However, remember to use a brilliant secure, one of a kind password for LastPass. If a baddie gets in, they get into EVERYTHING.

Advanced Security: Two Factor Authentication

It never hurts to have it, but with services like Google, Twitter, and Facebook, they will send you a small six digit code as part of their two-factor authentication. While your password may be compromised, having two-factor authentication buys you some additional time to change your password in the event your account is compromised. This excludes the fact if your phone has been compromised by malware.

 

 

Leave a Reply