As a cybersecurity enthusiast for years, I am intrigued whenever there is a huge headline-making, media-frenzied security breach. Take, for instance, those two million passwords that were hacked earlier this month from social media sites, including Google, LinkedIn, Facebook, and even my venerable Twitter. At the same time, I am disappointed. The fight against cybercrime is never-ending, but winning a battle or two would be nice.
While most folks not in the depths of your IT department have little involvement in keeping your organization’s data under wraps, there are some best practices that even the least tech-savvy of us can deploy. Apparently keystroke encryption, anti-malware products, and patch management are the keys to keeping big data safe these days. But a strong password is a great start too. Obviously, awareness is important as well, so I wrote this blog to do my part.
I’ve always been fascinated by passwords. When I was an IT support technician, every now and then, I’d need a user’s password. Ten years later, I still remember some of those passwords and I bet some of those users are still using them or at the least a close variation.
The Long and Winding Password
I love that the PIN on my iPhone is only four numbers. Like most humans using computers, I find a quick simple password I don’t have to think about is ideal. But for security purposes, length makes a huge difference in keeping a hacker out of your stuff. Something akin to “s%3urmom#~8k4$5t)” is practically unbreakable, but who has time to remember something like that? I certainly don’t. Still, an extra-long password can keep a hacker at bay for hours, maybe even days. I think he’ll move on to the next user after the first unsuccessful hour. But make sure it’s not something obvious. As much as I wish “Johnmarkivey1985” could be my go-to password, it would be like throwing a softball to a potential hacker. You want to make sure you’re throwing a curveball. Remember that dumb passwords are useless.
You Are in My System
When your password is due for its hopefully monthly change, have a unique system in place so you’re not stuck there banging your head on the keyboard until you choose something so difficult that you have to write it down on a Post-it note to remember it. It’s the 21st century. Stop writing down your password! Getting a system is as easy as selecting a list of words and accompanying numbers that you are aware of but that are not obvious to a hacker from a quick look at your public Facebook page.
Get Creative
As ingenious as “p@ssword” and “letme!n” were in 1998, I encourage you to get creative with your password hierarchy. Don’t be fooled into thinking that “asdfgh89” is that much more secure than “qwerty12”. I was raised near the NC/SC border where every crossroad is a named community. Using towns on the way to North Myrtle Beach as an endless inventory of passwords almost makes it kind of fun. Coupling Dillon with Highway 501 to make “501dilloN” served me well for a month. As did “sc9mullinS,” “904loriS,” and “378conwaY.” Retired Duke basketball jerseys got me through a year, from “43giminskI” and “24dawkinS” to “31battieR” and “4reddicK.” Place names and surnames (that aren’t your own) work well in passwords, because they are words typically not found in the dictionary, and dictionary words are not recommended. Pepper your passwords with special characters, such as: -+,~‘!@#$%^&*()=_’”{}[]|\?/:;>< to make them even stronger.
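The weak patterns named above (look-alike swaps on a common word, keyboard runs, your own name and birth year) can be checked mechanically before a password is accepted. The sketch below is an added example, not part of the original post: the function names, the four-word blocklist and the minimum length of 8 are assumptions made for illustration.

```python
import re

# Constructed sample blocklist; a real check would load a large breached-password list.
COMMON = {"password", "letmein", "welcome", "iloveyou"}
# Rows of a US QWERTY keyboard, used to spot "keyboard walk" passwords.
KEY_ROWS = ["1234567890", "qwertyuiop", "asdfghjkl", "zxcvbnm"]
# Look-alike substitutions undone before comparing against the blocklist.
LEET = str.maketrans({"@": "a", "4": "a", "3": "e", "!": "i", "1": "i",
                      "0": "o", "$": "s", "5": "s", "7": "t"})


def has_keyboard_walk(text, run=4):
    """True if text holds `run` adjacent keys from one row, in either direction."""
    for row in KEY_ROWS:
        for seq in (row, row[::-1]):
            for i in range(len(seq) - run + 1):
                if seq[i:i + run] in text:
                    return True
    return False


def screen_password(password, personal_terms=(), min_length=8):
    """Return the reasons to reject a password; an empty list means none were found."""
    reasons = []
    lowered = password.lower()
    if len(password) < min_length:  # min_length=8 is an assumed policy value
        reasons.append("too short")
    # Undo substitutions and keep letters only, so "p@ssword" becomes "password".
    plain = re.sub(r"[^a-z]", "", lowered.translate(LEET))
    if any(word in plain for word in COMMON):
        reasons.append("common password")
    if has_keyboard_walk(lowered):
        reasons.append("keyboard walk")
    if any(term.lower() in lowered for term in personal_terms if term):
        reasons.append("personal info")
    return reasons


if __name__ == "__main__":
    for candidate in ["p@ssword", "letme!n", "asdfgh89", "qwerty12", "501dilloN"]:
        print(candidate, screen_password(candidate))
    print(screen_password("Johnmarkivey1985", personal_terms=["John", "Ivey", "1985"]))
```

An empty result only means none of these specific patterns matched; it is not a measure of overall strength.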
I hope this information will help keep your passwords more secure. Of course, it’s essential that your browser is up to date and patched to the latest version available. It’s also imperative to have up-to-date antivirus software. After all, even the most complex new password is useless if you haven’t removed malware from your computer or if a keylogging virus has been downloaded, which will still allow the hacker access to your data.