5.26.2010

Passwords - The Thin Line Between Your Data and Them

How strong or weak are your passwords you use every day to check your email, update your fantasy baseball team and, oh, I don't know, check your bank balances?

If you use the same password for all three of these activities then you are exposing yourself to identity theft. You should never, ever, ever use the password you use for your banking for anything else. You should never, ever, ever use the same password to access your computer as for your access to Webkinz (don't ask).

All too often, people using computers assume that their password is good enough to protect them against malacious use and identity theft. Did you know the CEO of Lifelock, the company that purports to lockdown your identity, has had his identity stolen no less than 13 times? Seems he chose the wrong business to go into.


Here are some pretty simple guidelines and personal tips/tricks to make your passwords and personal data much more secure.

Guidelines:
Minimum of 7 characters, longer is better
Contain upper and lowercase letters
Contain numbers
Contain symbols/special characters like: ?/{[}]|\+=!@#$^%^&*()
Contain a symbol in the 2nd, 3rd, 4th, 5th or 6th position
Not resemble previous passwords
Not be your name or family member's name or your login name (please no, no, no!)
Not be a dictionary word or common name.

Stumped? Try using the Strong Password Generator to create a strong lock for your private data and files. Got one and want to see if its strong enough? Plug it into the Password Strength Checker and find out how it stacks up. And, if your identity has been stolen then get your backside over to the FTC: Deter. Detect. Defend.

As always, prevention is way easier, cleaner and faster than fixing a stolen identity. Check out Tips to Reduce Identity Theft Risk to reduce your exposure.

Dos:
- One of the best tips I've seen is to take your standard password and shift one key to the right or left or even up or down. Say I use password as a password, by this method password becomes [[sseprf. Add in a capital letter and some numbers and that account is safe(r).
- The simplest trick I know is to replace vowels with numbers. An "a" becomes a "4", an "e" becomes a "3", an "i" becomes a "1" and an "o" becomes an "0". There's no simple exchange for a "u".
- Log out of a computer if you are not going to be using it.

Don'ts:
- Do not write your new password on a sticky and put it on your monitor.
- Do not use one password for everything. Using the same password for your email as for your banking is convenient to you but really, really convenient to the ID thief.
- Do not let your kids use your computer on your account. Set them up with their own account (and turn off Admin rights to it!).

I'm sure I'm forgetting a few important things but this post should serve as a good reminder to get your passwords in order unless you like the idea of spending all of your free time on the phone with your bank and credit cards to repair the damage done by an ID thief.
blog comments powered by Disqus