With the proliferation of sites and online/software systems we use on a daily basis, it is becoming more challenging to manage all our passwords. Many I noticed pick simple passwords. It can cause you a lot of headache, if your password is cracked and your investment is lost suddenly. On the other hand good and reputable sites will guide you to enter more robust password to use.
Surprisingly there are many password cracking software tools. I assume these were made for ethical use of lost passwords or someone who left her/his job and no one can unlock the computer. The problem however is when these software tools fall in the wrong hands…
To better protect your online investment, you will need to do a little of planning that can bring you far ahead from most online users.
In general your password security will depend on your general caution about protecting your assets. This is the same like leaving your car in the parking lot of a busy shopping area, or even in front of your house. Do you leave it locked or unlocked?
Whether your answer is locked or unlocked, I invite you to keep reading my post and hopefully be aware to better password protect your online assets:
Here is my list:
1- Don’t choose a short password:
I have seen many websites checking and validating for a minimum of 8 characters. That’s great, because it turns out that the time it takes to crack 8 character password is exponentially more, than a 6 character password. I would even suggest a 10 character password and for more sensitive information go even for 15 of more characters.
2- Don’t pick words that relate to you:
Don’t pick family members names, or even a city you live in or phone number or a hobby or anything else that is easily to be guessed about you. Just pick words that are not related to you. Remember, popular social sites and blogs encourage people to write a profile, so if you write you live in … and you wife’s and kids names are …. and graduated from …..
This information could be easily guessed, if you use any of it to create your passwords.
3- Don’t pick easily guessable words, numbers and/or patterns:
I have done this before, with words like: bulldog, goldfish, coffee, 123456, asdfg, abcdef, abc123, 911, ….
4- Don’t store your password on your laptop or online
If you can’t remember and have to save you password, save it in a file offline. I would save it on a writable CD or a flash drive that can be easily detached from your laptop. I don’t like online sites or software that helps managing passwords. I feed safer just doing it the old fashioned way, writing them on a little booklet that I keep in a safe place.
5-Include numbers, capital letters and symbols
Try to always incorporate all letters in your password, not only lower case. The chances that a brute force attack will find your password will be of a magnitude of 10 thousands more difficult, than with just using lower case characters. It is a statistical truth that you want to be aware of to better protect you accounts.
6-Consider changing your password at least once a year
I have seen big corporations enforcing policies of changing passwords every 90 days, but I don’t think this helps a lot since an attacker will need only minutes or even hours time to crack your password. You will need however to change your password, just to make sure it is not found or stored in a place that someone can find.
7-Make sure your Antivirus software is up-to-date.
Always make sure your anti virus is up-to-date and gets updated constantly, otherwise switch to a different software. Make sure the software checks the incoming email and scans the attachments as well and never download any attachment unless you know the sender and trust the attachment too.
This is my list, did I miss anything? Let me know.