Basic Security

Ok, so I was going to write about tablets, especially with the Xoom hitting shelves last week. (Take a look.) Then I read an article this morning about how the security gurus think that social networking (i.e. Facebook, MySpace, Twitter…) will be the next major target. All I can say about that is “DUH!!!” Their premise is interesting though: the idea is that if an attacker can get your Facebook password, they stand a much better chance of getting your bank account password.

Ok, I know that you probably have 700 passwords, or more accurately you have 700 different things that require passwords. If you are like most people, you probably only have one or two passwords that you change slightly depending on the requirements of the program or website you are using.

This is a BAD idea. Seems obvious, but many people (I’ve been guilty of it too) just don’t want to have to remember that many passwords. I know it’s hard, I know it’s a giant P.I.T.A., but unless you want some fourteen-year-old acne-riddled kid in some foreign country (or your hometown for that matter) taking his girlfriend to the prom in a limo you paid for, use good password security.

Here are some tips to help keep your passwords safe:

1) Use complex passwords. Things like “bob” are NOT good passwords. A really good password looks something like “$%Tj8#4fQz”. Of course that’s very difficult to remember, so…

2) Use phrases to create a more complex password. Something like “Julie was born on September 28 1985” could be “JwbSep2885”. Not the best, but much better than “julie”.

3) Use L33t Sp33k (using numbers and symbols in place of letters) to create something that looks like a word. Something like “J\/!3” for “julie”. That is still a little on the short side, but it’s a definite improvement.

4) Use a password manager. There are A LOT of them on the market, so try some out. Many of them will have password generators to create a truly complex password, and the program saves it so you don’t have to remember it. That way every website you visit can have a unique password. Most of the password keeper programs I’ve used also have a timeout/lockout function that requires you to re-enter the master password after 20-30 minutes (or less even) of activity. Many of them will also install on a thumb drive so you can take it with you where you need it.

5) DO NOT EVER, and I mean NEVER EVER, write your passwords down and put them in your wallet. The first thing an attacker is going to do is change your passwords so you can’t access your own stuff. So if you lose your wallet, you have lost all your credit cards, and your bank account, your email account, all your credit card accounts and on and on. By the time you realize you’ve lost your wallet, you have lost all of your money, and any easy way to stop it has gone the way of your wallet.
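Here is a small Python sketch, added as an example and not part of the original post, of the two habits above: it flags accounts that share one password "changed slightly" and gives each of them its own randomly generated password, the way a password manager's generator would. The account names, sample passwords, symbol set and function names are all made up for illustration.

```python
import secrets
import string
from collections import defaultdict

# Constructed sample data: account name -> password currently in use.
SAMPLE_VAULT = {
    "bank": "Julie1985!",
    "email": "julie1985",
    "forum": "JULIE#85",
    "shop": "$%Tj8#4fQz",
}
SYMBOLS = "!#$%&*+-=?@^_"  # assumed symbol set; adjust to what each site accepts

def base_word(password):
    """Reduce a password to its letters only, lowercased."""
    return "".join(ch for ch in password.lower() if ch.isalpha())

def find_reuse(vault):
    """Return groups of accounts whose passwords share the same base word."""
    groups = defaultdict(list)
    for account, password in vault.items():
        # Passwords with no letters at all are compared as-is.
        groups[base_word(password) or password].append(account)
    return [sorted(accts) for accts in groups.values() if len(accts) > 1]

def generate_password(length=16):
    """Random password from the OS CSPRNG with every character class present."""
    if length < 4:
        raise ValueError("length must be at least 4")
    alphabet = string.ascii_letters + string.digits + SYMBOLS
    while True:
        candidate = "".join(secrets.choice(alphabet) for _ in range(length))
        if (any(c.islower() for c in candidate)
                and any(c.isupper() for c in candidate)
                and any(c.isdigit() for c in candidate)
                and any(c in SYMBOLS for c in candidate)):
            return candidate

def replace_reused(vault):
    """Give every account in a reuse group its own freshly generated password."""
    updated = dict(vault)
    for group in find_reuse(vault):
        for account in group:
            updated[account] = generate_password()
    return updated

if __name__ == "__main__":
    print("Accounts sharing a base password:", find_reuse(SAMPLE_VAULT))
    for account, password in replace_reused(SAMPLE_VAULT).items():
        print(f"{account}: {password}")
```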

Good luck, and be safe…

 

dave