Still have amateurs running your IT?
Solutions Squad's professionals can help you Manage your IT properly.
Contact Us today for your FREE Network Assessment available to clients in the South Florida area.
Since computers were invented, we have had to balance use-ability with security. And business owners have always hated passwords. I can’t tell you how many times I’ve been told that I should make a password easy to remember.
I’m sorry to tell you: Those days are long gone.
There are now literally millions of bad guys hacking and cracking into everything they can find. People with poor security habits have all kinds of juicy information on their computers (Social Security numbers, birthdays, credit card numbers, and of course password lists!).
Some of this information is used to break into accounts. Some is used to open new credit card accounts or redirect your tax return to a new address. Lots of it is sold in bulk to organized crime syndicates in other countries. And then the aggregated data is sold again and again to bad guys who want to generate fake profiles, credit cards, and more.
As you read about break-ins for large companies like Target, just remember that that are thousands of breaches that never make the news for every single breach that does. Most are never reported because it’s not required. In fact, most are not reported even if it is required because there’s no real enforcement.
Here are the most obvious things you can do:
1) Have good passwords.
That means they are long(ish) and complex. Complex means that standard stuff you hear about all the time: Upper and lowercase letters, symbols, and at least 8-12 characters.
2) Never use a password that exists on any list anywhere.
For example, if you use a single word that is found in a dictionary, it takes only a few milliseconds for a computer to guess your password because the computer has it’s own “dictionary” that includes all the words in all dictionaries for all languages. It also includes all lists of all passwords that it has ever come across.
3) Change your passwords from time to time!
You don’t necessarily have to change your password every 30 days – but it doesn’t hurt. But you should change all your important passwords (bank, payroll, work) at least once every three months.
And here’s one more thing that most people don’t think about:
4) Don’t reuse passwords.
Consider this: You probably have passwords on dozens if not hundreds of web sites. I use a password manager that stores about 800 of my passwords. With that many accounts out there, it’s almost guaranteed that one of those accounts will get hacked this year. So my username and password combination will now be out in the wild for the bad guys to buy.
Why is that valuable? Well . . . If I reuse passwords (as most people do), then that username/password combination will be guaranteed to work somewhere else. So now the bad guys have lists of all the passwords out in the wild, but they also have some known-good combinations.
Social media accounts are always under attack. Most recently, MySpace and Tumblr were hacked. If you have one of those accounts and use the same password for Facebook, LinkedIn, etc. then the bad guys have those passwords as well.
The bottom line: Some account you have somewhere will be hacked. With luck, it will be an unimportant account. And if you don’t have the same password everywhere, then the damage will be isolated to that one account. But if you reuse one password all over the place, then the chances that other accounts will be hacked goes up significantly.
– Contact your I.T. consultant and find out what they recommend for password policies and password management.
– Change your most important passwords right now – and make them all different!
Here is a Google search for Password Managers. I use an off-line password manager so that it’s not hosted somewhere and the focus of targeted attacks.
Here is a password testing tool. Set the year to 2020 and see how quickly your passwords can be cracked.
Just remember: Even if this password can’t be cracked in a million years, a list of passwords that includes this one might not be as secure!
Finally, here are the 100 most popular passwords in the last year, in alphabetical order. You can be guaranteed that these will be cracked in less than one second.
Let’s be safe out there!