In my last post I eluded to the need for people to use strong passwords. I have received so much communication on the subject that I decided to dedicate this week’s post to the world of passwords.
I’ve worked in IT for quite some time now, and the amount of times I have sat at someone’s locked machine and had to think – ‘Now what would XXX use as their password, just to have gained access a few minutes later. Too many people are in the habit of using the obvious.
A recent analysis of a large sample of passwords reviled that people still used simple to crack password to protect their systems. I am referring to passwords such as: 123456, password, qwerty (3 of the most commonly used passwords out there.) After that people tend to use names, their own, their spouses, their children, even their pets. Then the next group are people that use the sporting alliances for their passwords. All it takes is a little knowledge for even the most primitive of hacker too guess these. And most hacking tools would gain access almost instantly.
Technology users need to adopt safe password protocols.
Strength
As I have said, a strong password is one that cannot be easily guessed, or hacked by a brute force attack in an acceptable amount of time. That means no words likely to be found in a dictionary, no common names, no dates of birth, and nothing too short.
Passwords should be of a reasonable length, be a random mixture of lower and uppercase letters, utilise numbers and symbols. Although some systems limit the complexity, you should always try to adhere to this rule.
If stumped, try out one of the many on line password generators.
Variety
Do not use just one or two passwords to secure all your systems. It may be a no-brainer, but so many people fall into this group. If a hacker cracks one password, then they will have access to your whole digital life. Just think about it.
Do not make it easy for them. Use a different password for every instance where you need to use one. You may think this may make your life hell, we are all so connected these days, we access countless secure systems. Don’t worry about this, check out the section on TOOLS.
The Week Link
Quite often we, as users, are the weakest link in the whole security chain. To mitigate the risk your yourself post, you should follow a couple of rules.
- Never write a password down, just in case you forget it. Anyone may see this in passing.
- Do not share your password with others. If someone needs to be on your machine, you should log them on yourself. Then watch them until they have completed their task at hand.
- Decline invitations from your browser to remember your passwords. Doing this is just the same as having just one password for all systems. As, when someone manages to gain access to your machine, all they have to do is fire up your favourite browser to gain access to all your on-line accounts.
Tools
The thought of remembering dozens of completely different passwords may fill you with dread. However, if you are not the sort of person that is predisposed to remembering random collections of gibberish, there are tools out there designed to do this for you.
Relying on a single system is not ideal, however it could be the compromise you are looking for. One word of warning though is: Research the merits and pitfalls of any such systems you intend to adopt prior to their implementation.
After reading this, if the digital life fills you with fear, don’t worry. Just take the steps outlined and they will help keep you safe in an ever growing digital world. Alternatively, if you would like more advice on security in the digital age, or are interested in a digital security audit, please feel free to get in touch with us here at VGS Media.
