Securing Your Passwords – PG Laser LTD.

Securing Your Passwords

Passwords are the most common means of authentication online, and that is why it is critical to use strong passwords and keep them confidential.  The average person has a long list of accounts and passwords.  Good, strong passwords are hard to remember, however, using something easy, leaves you open to hacking.

30% of users have used or still use birthdays, addresses, pet names or children names for their passwords.  About 20% users have never changed their passwords-ever unless forced to.   One of the most common ways that hackers break into computers is by guessing passwords. Simple and commonly used passwords enable intruders to easily gain access to your information.

Creating Complex Passwords

One of the concerns that people often have when it comes to creating complex passwords is a fear of forgetting them, particularly when there are several to remember.   I recommend to my customers to write down their passwords and store them in a secure place away from your computer.  (Not on a sticky note stuck to the monitor or under the keyboard).  Use a notebook or binder, or a novel you can hide among other books to right your passwords in and keep it up to date!

Make sure you have all the account details listed which includes: User Name, Emailed Recovery Methods, Answers to Security Questions, and Passwords.  Make sure you can read the information and know when you used upper and lowercase letters, numbers, and symbols.   Date each time you change the password and I’ll say it again, keep it up to date!  Never use a Word document with the title PASSWORDS and save it to the desktop.

Use a Strong Password

You can create a stronger password in a few different ways. Use complex passwords not found in any dictionary.  One way to do that is to turn a sentence or phrase into something that is not easily recognized by others. For example:  Myd0gH@sF13@s (My Dog Has Fleas) You would replace certain words or letters with numbers or symbols.  It is also recommended taking a sentence like: “Pussy cat, pussy cat, where have you been? I’ve been to London to visit the Queen.”  And using the first letters numbers and punctuation to make “Pc,pc,whyb?IbtLtvtQ.” You could also use a password-generator like found at www.lastpass.com/password-generator.  Also, don’t use passwords that  include any personal information of any kind.   It is not important anymore to change your password unless you’re forced to.  If you feel that your password has been compromised, change it.  It use to took a long time to crack a password, now it takes seconds, unless you’ve chosen a strong one.

Remember Me

We should also talk about having your Web browser remember your passwords.  This can be convenient, but it poses a security risk.    Some browsers let you (or, potentially, thieves) view a list of your saved login credentials, including the site, username, and password.   This is handy if you forget a password, but can reveal all the passwords you use to anyone.   My Customers also run in to problems accessing accounts when these save passwords are cleared.  They have used the remembered password so long, they forgot what it was.  And recovering some of these passwords can be challenging.

Plan to Forget

Which brings me to the last point.  It’s going to happen at one time or another where you need to recover a password.  Make sure you have a recovery process for each of your accounts.    Most accounts send a recovery method to your email.  Make sure the email you use, is active and can never be closed.  Using email providers like outlook.com, and gmail.com are the best.  Also linking a password recovery method to your cell phone is a good idea.

Be careful when setting up your answers to security question which could open up your account to anybody who can figure out your favorite dogs name.   Skip the secret questions if you can.  If that’s not an option, answer it like you’re making a second password.  There is no point in having a really secure password only to have it backed up by an easily guessable dictionary word.  I recommend you write down the security question in that book we discussed earlier, but when you answer that question, you use random answers.  For example: What city were you born?  Answer:  Chocolate Fudge Sunday.   Or Ch0c0@t3 Fudg3 5und@y.  The answers are cap sensitive, so make sure you record it properly in that book.