Credit-to-Cash Advisor  

Passwords: Are You Giving Hackers a Free Pass?

Originally published: Nov-17-2010


In today’s computer-driven, networking-focused world, data security – both personal and professional – is a serious issue. We all know, of course, that our passwords are the first line of defense in keeping our data secure. But how many of us take our passwords seriously?

Let's be real here. Many, maybe most, of us find it irritating to manage the laundry list of user IDs and passwords we need in order to interact with the systems we deal with every day. As a result, we've been getting a bit lax when it comes to creating good, secure passwords. We opt for convenience over security. We select passwords that make our lives easier, those that are predictable, no-brainers. Unfortunately, these kinds of passwords also make things easier for hackers.

Maybe it's time for a little refresher on the humble but hugely important password.

How Easy Is it to Crack My Passwords?

Password cracking and system hacking are major problems for organizations worldwide. Theft or destruction (via computer viruses) of data housed within government agencies and commercial concerns has become a regular news item. Even our own Internet-enabled computer systems are not immune.

In this war for security, thoughtful, well-constructed passwords are not only our first defense, often they are our only defense.

Password crackers have an arsenal of schemes designed to grab passwords from the unwary.

  • Password cracking software. There are programs that can:

    • “guess” your password from personal information that is easily accessible online.
    • run every word in a dictionary against a user name to identify passwords.
    • try every possible combination of key strokes in tandem with your username. (These are called “Brute Force” attacks.)
    • read every keystroke sent out from your machine. (These programs are called “sniffers”.)
       
  • Computer hackers use scam techniques like:

    • Phishing — The hacker sends out urgent IM or e-mail messages designed to alarm or entice their targets into providing their username, passwords and often other sensitive information.
    • Shoulder surfing — Determining passwords by watching the victim type in their usernames and passwords. Common places used for this type of password cracking include cyber cafes, libraries, etc. However, since a majority of password cracking is done by someone the victim knows, it might also occur in your office or even in your home.

As you can see, weak passwords are relatively easy to crack. What’s at risk? Your bank information. Your e-mail and IM messages. Your contact lists. Your research. Your computer can even be used to send out viruses and to perform other malicious attacks.

So why take the chance? Here are some precautions you can take to tighten up your security.

Password Don’ts

You may recognize yourself in this list. If you do, take action today to make sure your passwords are doing what they're supposed to do – keeping your information secure.

  • Don’t write your password down and leave it near your computer. Come up with passwords that are unpredictable but easy for you to remember. Anything that’s written is subject to theft.
  • Don’t use names of family, friends, pets, favorite books, TV shows, movies, etc. A lot of computer fraud is perpetrated by people who know the victim.
  • Don’t use the same password over and over, just changing the number at the end. Ex. Doris1, Doris2, Doris3, etc. This is a common technique for creating passwords that are easy to remember – and just as easy to crack.
  • Don’t spell out a word or name (even backwards) or use a birth date, anniversary date etc. that those who know you or have basic information about you could easily guess.
  • Don’t use the same password for every account, or subset of accounts. If the password for your Facebook page is cracked, you’ll be giving the hacker access to your bank information as well.
  • Don’t use Leet-speak. Password cracking software checks for this. (If you don’t know what “leet-speak” is, you probably won’t be using it.)
  • Don’t use geographical or biographical names that are listed in standard dictionaries.
  • Don’t use your username or account name as your password.
  • Don’t use passwords that are easy to follow when you’re typing them. Ex. 123456 or qwerty or ppppp.
  • Don’t disclose your passwords to anyone unless you know they are authorized to have that information. If you must disclose your passwords, do so in person – never on the phone or in e-mail.
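
Several of the checks in the list above can be automated at the moment a password is chosen. The following is an added example, not part of the original article; the word list, the leet-speak table and the function names are assumptions made up for illustration.

```python
import re

# Constructed sample word list (assumption); a real check would load a full
# dictionary plus the user's personal details (family, pets, dates).
SAMPLE_WORDS = {"password", "friendship", "doris", "buffalo", "quotations"}
# Common leet-speak substitutions mapped back to letters (assumed table).
LEET = str.maketrans({"0": "o", "1": "l", "3": "e", "4": "a", "5": "s",
                      "7": "t", "@": "a", "$": "s", "!": "i"})
KEYBOARD_ROWS = ["1234567890", "qwertyuiop", "asdfghjkl", "zxcvbnm"]


def is_keyboard_walk(pw):
    """True if pw is one repeated key or a run along a single keyboard row."""
    low = pw.lower()
    if len(set(low)) <= 1:
        return True
    return any(low in row or low in row[::-1] for row in KEYBOARD_ROWS)


def check_password(password, username, previous=()):
    """Return the list of 'Password Don'ts' that this password violates."""
    problems = []
    low = password.lower()
    if len(password) < 6:
        problems.append("too short")
    if low == username.lower():
        problems.append("same as username")
    if is_keyboard_walk(password):
        problems.append("keyboard pattern")
    # Strip trailing digits to get the base word ("Doris3" -> "doris").
    base = re.sub(r"\d+$", "", low)
    # Dictionary check on the word itself, reversed, without its trailing
    # number, and with leet-speak substitutions undone.
    candidates = {low, low[::-1], base, low.translate(LEET)}
    if candidates & SAMPLE_WORDS:
        problems.append("dictionary word or name")
    # Reuse check: same base as an earlier password, only the number changed.
    if base and any(re.sub(r"\d+$", "", p.lower()) == base for p in previous):
        problems.append("old password with a new number")
    return problems
```

An empty result means only that none of these particular checks fired; it does not by itself show that a password is strong.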

Password Do’s

  • Do change the password immediately if you are provided a username and default password. Hackers assume that users will stick with the default password where one is provided.
  • Do change your passwords regularly, within 30-90 days depending upon the sensitivity of the information you are protecting.
  • Do use a different password for each account.

Characteristics of a Strong Password

The difference between a weak and a strong password is the same as the difference between closing a door and locking it. A key challenge when creating passwords is selecting something that is strong, yet is easy to remember.

Strong passwords …

  • Include a random mix of numbers, letters and special characters that has no personal connection to you.
  • Are as long as possible (at least 6 characters). The longer the password, the more difficult it is to crack.
  • Use as many types of characters as possible, including letters (upper and lower case), numbers, punctuation and special characters (if allowed). Ex. 5x]M@hkeG12jBK

Means of Creating Strong Passwords

Here are some ideas to help you create strong and secure passwords.

  • Use the first letter of each word in an easily remembered phrase. Ex. BiacoNLE -- “Buffalo is a city on Northern Lake Erie”
  • Intentionally misspell common words. Ex. Kwotayshuns instead of Quotations.
  • Replace letters in a common word or phrase with numbers, punctuation or special characters. Ex. !r2endsh3p instead of friendship. The more creative you are, the more secure the password will be – but it must also be something you won’t forget.

Password Strategy

Developing strong passwords is vital to protecting your identity, your security, and your finances. It may sound like a lot of trouble. However, taking a moment to consider the level of trouble someone who steals access to your information can create should motivate you to be password-vigilant.

Back in the day, we puzzled over the fellow who bragged how he saved himself the time and money involved in replacing a blown fuse by putting a penny behind the old one. It worked fine – until it overheated and the house caught fire.

Today there's the story of the guy whose Service Engine light on his car dashboard kept flashing. Rather than getting the car looked at, he simply disconnected the light.

We laugh, but we do the same sort of thing when we create passwords that defeat the purpose.

Passwords were always meant to be cryptic and confidential. Most of us, however, have opted for quick and easy – and we may be courting disaster.

*****

This information is provided by ABC-Amega Inc. ABC-Amega is a respected receivable management firm headquartered in the United States with more than 80 years experience in commercial receivable management.

Whether your need is industry-specific credit information, transparent first party receivable collection support, third party commercial debt collection, or training in collections or credit and financial analysis, ABC-Amega offers a solution that will help you achieve improved efficiency, greater effectiveness, and increased cash flow.

For more information on ABC-Amega Inc., contact info@abc-amega.com or visit the company web site at www.abc-amega.com.