You suck at keeping your computers and phones safe.
I can write that because you are someone pressed into working on 12 different projects before the week is done on computers at work, at home, on local networks, on home wireless hubs and occasionally swimming in the wireless pool at Starbucks or Barnes & Noble. You have passwords for the cash machine, Blackboard or Moodle (or both), the student information system, the grading system, your personal email, Facebook, and countless other sites.
Do these sound familiar? qwerty? 123456? asdfg or my favorite- password? According to an experiment run by economist Dan Ariely one in 40 of you reading this have a password that is also your username. Even savvy computer users get lazy when it comes to passwords. Passwords are not just a pain, they’re an annoying pain. We are packed with passwords because we need them to access everything in our electronic lives. We have so many that we can’t remember them all and then procrastinate changing them.
The news is filled with reports of hackers breaking into companies and schools and stealing passwords stored in different data systems. There is a constant threat of people wanting to break into banks, companies, gaming networks you are a member of, like Sony’s PlayStation network, and to your own institution. Hackers are malicious (they break in and delete information) or larcenous (they use stolen identities and passwords to steal money) or pranksters (they have a joke to make or point to prove– maybe both).
So why not take five easy steps to protect yourself (and possibly your job)?
Five easy steps to password sanity
1. Change your passwords, across the board, every three months.
You may be cringing at this idea– thinking this sounds like a cross between a dental exam and a marathon– but it can be made much easier. Get a piece of paper and draw a three by four table, with plenty of space to write in the boxes. (Do NOT do this on a spreadsheet on your computer or in a digital form.) Write “home” “work” and “devices” across the top columns. Down the left side, write the four dates a year you will change the passwords. Start with only the top row with the new passwords you will be using for networks, software, Amazon, data systems etc. How do you come up with good passwords?
2. Create passwords with psuedo-words
Passwords don’t have to be complex cryptograms. A few simple methods can help make living with passwords a little easier. For instance, don’t use a full word like password. That is much more secure asPas$werd8 (this is only an example, do not use this). Using a capital letter, a symbol and mixes of numbers makes it much more difficult to hack. Not impossible, but harder. If you don’t have a character limit use longer multiple-part word chunks– longer passwords are always harder to crack.
Five Tips To Better Password Security:
- Don’t use only letters or only numbers.
- Don’t use your name or the names of your significant other, children, schools or pets.
- Don’t ever use your birthday, phone number, Social Security (or Social Insurance or License) number.
- Don’t repeat the use of a password between settings– don’t use your work log-in, or any variation of it, for your home wireless network for instance.
- Don’t use any full word that can be found in the dictionary — really– even foreign words.
3. Use a personal system to change your passwords.
In order to better remember passwords, without need of your handy paper password guide, use your own quirky system for each part of the year. 2B-or-Not_2b is a memorable password if you’re a fan of the Bard. Like colors or birds? Use a different color non-word like bluE or B!ue or blOO to start each of your four password seasons. Last winter I used a car prefix for my passwords: H0nda (capital H and a zero instead of the ‘o’). I then used a simple word bridge before a number: last winter is was Pie (shut up, I was trying to lose weight). So in my head all of my passwords for the winter were H0ndaPie20 orH0ndaPie30 or, for my bank account, H0ndaPie31417 — yes, pie pi. It made me smile every time I logged in, no matter how depressing the balance was. A friend of mine used the word Shove as a prefix to every password at a job he hated.
4. Change your passwords and your personal system every three months- everywhere.
It is essential that you change your passwords, and you can’t be lazy about this. There are security professional I respect who insist you change them every 30 or 60 days, but I’m willing to risk longer exposure with better, multi-part passwords. I no longer use my Hzero version of Honda as a prefix and never will again. I use a different word/symbol combo every time I change my password system, and change them all, so I can remember them all. On your sheet of paper, only write down the new passwords when you are changing them, and draw a line through the old ones you change as you log in and do it. This helps you keep track of every system you access and makes a clear departure for you to remember new passwords.
5. Don’t forget the systems that don’t get in your face.
If you have a wireless hub at home it’s unlikely you have ever changed the password after you set it up. Without prompting we forget these systems. (I know there are people reading this who have a wireless router like a Linksys or D-link that has a wild and unusual network name, like Linksys or D-link, and your password is “password.”) These systems are often left to sit, without good passwords and without important software updates. Look them up online, see if there are software updates or patches you should run and change the password. Your neighbors might like the free bandwidth they’ve been poaching from you but predators and thieves use open networks too.
If you have a Windows-based laptop or PC I highly, highly recommend a full-featured security suite to help protect against malware and viruses like Norton Internet Security 2011 (Single user but installs on 3 PCs). Norton tests against all sorts of threats and updates their software regularly. — I know there are some free anti-virus apps out there, but in this case you will get what you pay for.