Have YOU changed your Password recently?

Password Expiration 67Account Security is not like the Weather.  You can do something about it.  Almost weekly, someone reports that a Social Media Site, Content Provider, or Financial Institution has had a breach and that customer account information “may” have been compromised.

 

The absolute best defense against this insane level of carelessness is a good offense.

CHANGE YOUR PASSWORDS EARLY AND OFTEN.

This is an aspect of digital account security that is completely within your control.

The sites that care most about the security of your data force you to change your password on a periodic basis of no less than ninety days.  If they do not force a periodic password change, take it upon yourself to change your password at least monthly.  If they really care, they force you to use a “strong” password which generally means it is more than eight alphanumeric characters, must include at least one letter, one number, one special character, and is case sensitive.

Unfortunately, most sites feel that forcing you to change your password, even if for your own protection, is too invasive and not very customer service friendly.

Be honest.  How many of you have NEVER changed your password on your email account?  Facebook?  Gmail?  AOL?  AIM?  AppleID?  Your bank account?  Seriously? Never?  Need I go on?

Stop reading this right now and GO CHANGE YOUR PASSWORDS.  I will wait…  Hmmm… still reading?  Well then the least I can do is to give you some advice on creating a strong password.

As amazing as it seems, some Banks do not allow special characters as part of the password.  (Special characters are punctuation marks like # @ $ ! % * .  – anything that is not a letter or number.)  Even without special characters, you can still make a strong password that will be difficult to guess and withstand a good number of basic hacking techniques.

Let us start by creating a password not from a word but from a phrase.  Take the first letter from each word in the title of this article as a starting point.  “Have You Changed Your Password Recently” would translate to HYCYPR.  This is absolutely not a word in any dictionary which eliminates the possibility of a dictionary based hacking attempt.  To anyone who is not you, the password looks like complete gibberish.  (A dictionary attack uses an English Dictionary or a list of common words and tries thousands of them until it succeeds.)

Now, let us make it even stronger.  We are going to substitute the some of the letters with their numeric position in the Alphabet.  HYCYPR is going to become 8Y3YPR.  H is the eighth letter and C is the third letter of the Alphabet.  To keep with my own statement that a strong password should be at least eight characters, I will pad this with some extra numbers.  The final password will be “ 8Y3YPR42 ”  (Ignore the quote marks.)  This password is now virtually impossible to guess and it is definitely impervious to a dictionary attack.  By the way, I chose 42 as that is the answer to “Life, the Universe, and Everything” from “Hitch Hikers Guide to the Universe.”

Which bring up another point:  Try to use a sentence, phrase or quote that is not common or attributable to your personality, likes, or habits.  If someone knows you like Douglas Adams (Author of the Hitch Hikers Series) and has figured out how you assemble your passwords, this gives that person a starting point if you are being specifically targeted.

Now that you know how to make strong passwords, GO DO IT NOW for all of your accounts.

Take this opportunity to get one giant step ahead of the hackers.

Speak Your Mind

*