Does your password look like any of the following?
- The name of your partner, child or pet
- The last four digits of your social security number
- 123456789 or 987654321 or any lower combination
- Your last name, your city, college or football team
- Your date of birth – or of you partner or child
- The words: “password”, “god”, “dog”, “money” or “love” or any other word found in a standard dictionary
-
Or any of the above followed by a 0 or a 1?
I admit I WAS guilty of using one of the above common passwords. What about you?
John Pozadzides from One Man’s Blog reveals how hackers steal identity. http://onemansblog.com/2007/03/26/how-id-hack-your-weak-passwords/
Here are John’s tips to making your password more secure.
- “Randomly substitute numbers for letters that look similar. The letter ‘o’ becomes the number ‘0?, or even better an ‘@’ or ‘*’. (i.e. – m0d3ltf0rd… like modelTford)
- Randomly throw in capital letters (i.e. – Mod3lTF0rd)
- Think of something you were attached to when you were younger, but DON’T CHOOSE A PERSON’S NAME! Every name plus every word in the dictionary will fail under a simple brute force attack.
- Maybe a place you loved, or a specific car, an attraction from a vacation, or a favorite restaurant?
- You really need to have different username / password combinations for everything.”
So based on what John wrote I came up with what I thought was a jim-dandy-secure password, and ran it through Microsoft’s password strength tester. I came up medium. MEDIUM! This is harder than it looks.
So what’s the solution? The security experts out there recommend using a password manager like Roboform or PassPack that store your passwords and allow you to use a master password on all the sites you visit. Search “password manager” on Google to find other password managers programs.
Here’s the best part of a password managers – You only have to remember ONE MASTER password – the perfect solution for brain squeeze!
Valerie Horton
Hi guys & gals,
It sure seems like it would make life easier to have a service like that. Have you ever counted up how many user names & passwords you have?!
My concern is: how can I know if a password manager is legit or safe against “attacks” by the bad guys?
Buffie
@Marco
Nice to see I still have my online shadow following me around. PassPack is a perfectly secure solution and you know it.
@Buffie
You need to do a little research. Trust is definitely a major issue when choosing a password manager. When looking into a new service, visit the site, make sure the contacts are available, maybe write to someone in the company and see if a real person replies to you. You could also try and put the owners names through Google to see if anything shady comes up. You can also sign up for the service, and put in some non-essential passwords, just to try it out and get a feel for it.
In the end, though, it’s really going to come down to a gut feeling. If you don’t feel comfortable – move on.
I’m a founding partner at PassPack, and I’ve dealt with quite a few people who where unsure, so I posted some answers to some common trust questions on our Contacts page (that’s a long page, so make sure you scroll down it).
If you want to try out PassPack and get a feel for how it works, here’s a Getting Started Guide on our blog. Accounts are free, and if you don’t like it, you can just delete it.
I hope I’ve answered your questions. Feel free to drop me an email if you’d like more info.
Cheers,
Tara
Here are few reviews of password manager sites:
“HOW CAN I REMEMBER MY PASSWORDS?, Kiplinger’s Personal Finance, 15289729, Sep2006, Vol. 60, Issue 9″
“PC World; Feb 2007, Vol. 25 Issue 2, p80-92″
“Password managers & form filler. (cover story) By: Metz, Cade. PC Magazine, 5/24/2005, Vol. 24 Issue 9, p76-77”
I’d hoped to find more articles in my quick search – any one else know of good review articles from reputable sources? Valerie