According to msnbc.com, 73% of people use the same password for their bank that they do for all their other password-required websites. Your bank! Where your money is! And let’s not even start talking about whether that is a “good” password or not. ’Cause I’m pretty sure if you’re using the same password everywhere, it’s not a good one.
Let’s step back and take a look at this:
People often think that the internet is so big that the likelihood of them being targeted is very small. Actually, the opposite is true. Bad guys will often install software on your computer without you knowing it (it’s referred to as malware). You won’t even know it’s running, although your computer may seem slower than it used to be. This software can be installed simply by you clicking to open a website or clicking to view something amusing or funny in an email (dancing pigs, anyone?). It doesn’t interfere with your daily work on your computer, so you aren’t aware it’s running in the background.
This software is also running on thousands (millions?) of other computers and it’s running on behalf of someone malicious. It’s not necessarily stealing information from your computer (although it certainly can). It can be used together with all the other computers running it to attack other computers on the internet – when you combine the power of lots of computers, they become very, very powerful and dangerous and can bring a website down or be used to “crack” passwords.
How easy a password is to crack (or break) depends on the number of characters and other criteria. A password that matches a word in the dictionary (or is a name or other easy-to-find information – your birthday, anniversary, etc. are often posted somewhere on the internet, like Facebook) is ridiculously easy to crack. Adding numbers (esophagus69 or 3s0phagus) is slightly harder to crack, but not much. What makes a password strong? Well, the first thing is how long it is – if it’s 12 characters, it’s harder to break and an attacker will likely give up and move on to someone who has a shorter, easier password to break.
How do you end up with a long (12 character) password? Use a memorable phrase: My dog Gus is the coolest! We’ve got caps and an exclamation point in there which makes it harder (although some sites won’t allow it) and it’s long. Some sites also won’t allow long passwords. In that case, you can use an abbreviated version of the memorable phrase: MdGitc! (first letter of each word of the phrase + caps + exclamation point).
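The weaknesses described in the last two paragraphs can be checked mechanically. The sketch below is an added example, not part of the original post: the word list, substitution table and function names are small constructed samples, and it only reports whether a password is shorter than 12 characters or reduces to a listed word once padding digits and look-alike characters are undone.

```python
import re

# Constructed sample list; a real check would load a full dictionary plus
# names and dates connected to the user.
SAMPLE_WORDS = {"esophagus", "password", "dragon"}

# Look-alike substitutions (3 for e, 0 for o, ...) mapped back to letters.
LEET = str.maketrans({"0": "o", "1": "l", "3": "e", "4": "a",
                      "5": "s", "7": "t", "@": "a"})

# Digits and symbols padded onto the start or end of a word.
PADDING = re.compile(r"^[\W\d_]+|[\W\d_]+$")

MIN_LENGTH = 12  # the length the post recommends


def candidates(password):
    """Return the simple variants of a password that reveal a base word."""
    lowered = password.lower()
    stripped = PADDING.sub("", lowered)
    return {
        lowered,
        stripped,                                # esophagus69 -> esophagus
        stripped.translate(LEET),
        PADDING.sub("", lowered.translate(LEET)),  # 3s0phagus -> esophagus
    }


def weaknesses(password):
    """List the problems found: 'short' and/or 'dictionary'."""
    found = []
    if len(password) < MIN_LENGTH:
        found.append("short")
    if candidates(password) & SAMPLE_WORDS:
        found.append("dictionary")
    return found


if __name__ == "__main__":
    # Constructed sample passwords, including the ones the post mentions.
    for pw in ["esophagus", "esophagus69", "3s0phagus",
               "esophagus2011!", "My dog Gus is the coolest!"]:
        print(f"{pw!r}: {weaknesses(pw) or 'no listed weakness'}")
```

The padded 14-character sample still reports a dictionary match, which is why length only helps when the password is not built on a single guessable word.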
I know that remembering passwords is a drag. There are many free password tools – I’m using http://www.passpack.com. It will generate difficult passwords for you and will remember them. I also like it because I don’t need to install anything on my computer and can access it from any computer (and it’s free) and as far as I can tell, secure. (I’ve done some digging into the technical aspects of how it works and am comfortable with it – for now. Internet security is a game where the bar is constantly being raised by the bad guys.)
Do you need to have good passwords for all of your sites? No. There are plenty of sites where I use throwaway passwords – the NY Times, other reading sites. But the password for my email (once someone can break into your email, they can change your password at any site you log into – they just say that they forgot the password & a new one is emailed to you), my bank, other financial institutions, etc. are all strong passwords.
The internet is huge. That doesn’t make your odds of being a victim any less. There are bad people out there using the power of the internet against you.
Oh and make sure you have good antivirus and antimalware software running on your machines. For PCs, Microsoft’s free Security Essentials software has received excellent reviews and can be downloaded here. You are absolutely a target and you are not invisible because the internet is big and there are millions of computers out there. Thousands of them are working together to find vulnerable computers – tests have shown that unprotected computers are attacked within minutes.