Fri 21 Jul 2006
Why Good Passwords Are Even More Important Than You Think They Are
Posted by Administrator under Tips and Tricks , PrivacyNo Comments
Most folks know that passwords are important to keep their files and information safe. But that’s only half the story…and thinking that protecting your files is the whole reason for passwords could leave you vulnerable to a host of online ills.
The problem with focusing only on the protection of files leads some users to believe “This account isn’t important since I don’t store anything of value here. I’ll just pick my name, or ‘123abc’ as my password.” Nothing could be further from the truth.
In addition to storing files, your account has email access whether you use it or not. And even though many ISPs are cracking down on spammers by requiring users to be authenticated with their systems before allowing email to go out, spammers now use automated programs to find accounts with weak, easy-to-guess passwords. They don’t want your files, they just want to send out their spam under your name.
A responsible ISP takes steps to suspend spammers’ accounts as soon as a rapid increase in outgoing email volume happens. However, should a spammer appropriate your account due to a weak password, access to both incoming and outgoing email will be suspended and you will have the added inconvenience of needing to contact customer service to get your account re-enabled since you are responsible for your account whether you are the one abusing it or not.
What can you do to help thwart Spammers and Identity Thieves?
Pick good passwords! Here are some tips:
don’t pick a dictionary word or person’s name
don’t pick part of your domain name
don’t pick repeated letters or numbers like “aaaaa” or “88888″
don’t pick the above with obvious substitutions like “i” for one, and “o” for 0
don’t pick the above with just a digit or two at the front or end
Do use mixed case letters
Do use punctuation
Do use numbers and letters
Do use the full 8 characters
Obviously, you don’t have to do all of these things, but the more you can work in to something you can remember, the better. One suggestion for really strong, easy to remember passwords is: “Use the first letters of a phrase you can easily recall, with creative substitutions.”
Something like: (Note, do not use these exact ones; these are just examples)
Phrase –> Password
—————————- ——–
“XO is the best to work for” –> XOitb2w4
“I hate password crackers!” –> Ih@epwc!
“Mom’s apple pie” –> M’sa3.14
“My wife Alice, love of my life” –> MwA,L0ml
“It was a dark and stormy night.” –> Iwad&sn.
Okay, so maybe these aren’t exactly the easiest to remember, but you get the idea. It’s near impossible for an automated program to guess high-entropy strings like the above examples. But since they are derived from a phrase with meaning to you, they are much easier to remember.
Happy passwording!!
– Jesse Mundis, Concentric Senior Engineer