Securing Your Accounts With Well-Crafted Passwords

In the past I've never really paid much attention to security issues when it comes to user names and passwords. Frankly I figured it was all a lot of overblown hype. This led to an unfortunate incident that involved my website being attacked, apparently by a skillful youth with a propensity for mischief.

The main security flaw with my website was probably the simple fact that the username and password were exactly the same. Granted I did realize that this wasn't highly intelligent but I didn't have the power to change it myself, and I didn't think it really mattered enough to bother about it. Having an identical username and password is a massive "no-no" in computer security. Your username and password should not even be related along the same line of thought. A username of "Dragon" and a password of "Fire" is not a secure combination.

For maximum security, passwords should not be cohesive words or phrases and should not be too obviously related to something like your birthday or the birthday of someone close to you. Personal information is one of the first things used when people attempt to break passwords. Having a password of "Password" is indeed humorous and ironic but it is not in the least bit secure.

A "brute force" password hacking technique involves using certain rules and guidelines to take a guess at possible passwords and generally works through a dictionary of sorts, trying combinations of possible words and common characters. Your best bet at creating a secure password is to pick a random collection of letters, numbers, and symbols, including varying case changes (in a password the letter "a" is not the same as the letter "A", so alternating at random between upper and lower case will increase the difficulty encountered in cracking your password). Selecting a sequence of characters on the keyboard (such as "asdf" or, worse, "1234") definitely does not create a secure, random password.

Having symbols in your password is an easy way to greatly increase security. These are the special characters accessed by holding the "Shift" key and pressing one of the numbers at the top of the keyboard. If you want to truly expand your arsenal of special characters, try holding down the "alt" key and pressing a combination of numbers on the num pad (the rectangular collection of numbers on the right hand side of most keyboards) then release "alt". For example, holding "alt" and pressing numbers, 1 then 6 then 8 and releasing "alt" will give the character "¿". Most combinations of 3 numbers will enter a different symbol into your password. This may make it a little harder to enter your password but it makes it a lot harder for anyone else to crack it.

To make passwords easier to remember you can use something original, like the name of your favorite character in a book (personal information that other people won't know). Then add some numbers to it, perhaps use the "Leet speak" (check http://en.wikipedia.org/wiki/Leet for exact definition) method of changing letters to numbers and generally mix things up so that to you it seems coherent and memorable but to an automated pattern recognizer it seems random. For example, "jAm35_5m1Th¿" ("James Smith") is actually surprisingly secure. In this case the password's meaning is obvious to a human reader but it will take a lot of work for them to divine the password without prior knowledge.

For additional security you should not use the one user name and password for every account that you have. If you do and someone manages to get hold of your details for one site they pretty much have the run of your digital life. It is not particularly vital to have perfect passwords for less important accounts (e.g. web based email from Hotmail, forums you visit etc.). These sites can quite happily be accessed using the same password. However, bank accounts, work email etc. should be made as secure as possible.

Hopefully a few of these tips will assist you in making your online activities more secure. Keep these guidelines in mind, change your password on a semi regular basis, and with any luck you'll be able to avoid the hacking menace that befell me.

M6.Net Web Helpers

In The News:

A game changer in IT security  MIT Technology Review

Phishing - A High Tech Identity Theft With A Low Tech Solution

Have you ever got an email asking you to confirm... Read More

Passwords or Pass Phrase? Protecting your Intellectual Property

Much has been said on the theory of password protection... Read More

Clown Internet Scam - An Internet Scam is Currently Targeting Clowns and Other Entertainers

I am the victim of an internet scam. It is... Read More

Phishing - Learn To Identify It

Phishing: (fish'ing) (n.)This is when someone sends you an email... Read More

Watching the Watchers: Detection and Removal of Spyware

If spyware were a person and he set himself up... Read More

What is Hacking? Are You a Hacker?

WHAT IS HACKING?Hacking, sometimes known as "computer crime" has only... Read More

Anti-Spyware Protection: Behind How-To Tips

There is no doubt that "how-to articles" have become a... Read More

Identity Theft -- 10 Simple Ways to Protect Your Good Name!

Identity Theft is one of the most serious problems facing... Read More

Top Ten Spyware and Adware Threats Identified

On December 8, 2004 Webroot, an award winning anti-spyware solution... Read More

The One Critical Piece Of Free Software Thats Been Overlooked

Can You Prevent Spyware, Worms, Trojans, Viruses, ... To Work... Read More

How Can Someone Get Private Information From My Computer?

From the "Ask Booster" column in the June 17, 2005... Read More

Personal Firewalls for Home Users

What is a Firewall?The term "firewall" illustrates a system that... Read More

DOS Attacks: Instigation and Mitigation

During the release of a new software product specialized to... Read More

Website Security - Creating a Bulletproof Site in 5 Easy Steps

When it comes to a secure website and passwords it... Read More

Hacked: Who Else Is Using Your Computer?

A friend called me one day and asked if I... Read More

Its War I Tell You!

There are ways to insure security though. You can get... Read More

Password Security and Safety

There is nothing more important that password security in world... Read More

Instant Messaging ? Expressway for Identity Theft, Trojan Horses, Viruses, and Worms

Never before with Instant Messaging (IM) has a more vital... Read More

Identity Theft - Dont Blame The Internet

Identity theft ? also known as ID theft, identity fraud... Read More

Secrets On Security: A Gentle Introduction To Cryptography

Let us take the example of scrambling an egg. First,... Read More

How to Protect Yourself from Viruses, Spyware, Adware, and Other Nuisances

Spyware/adware is a new major concern for PC users everywhere.... Read More

Why Corporations Need to Worry About Phishing

Phishing is a relatively new form of online fraud that... Read More

Phishing-Based Scams: A Couple of New Ones

Phishing in its "classic" variant is relatively well-known. Actually, 43.4... Read More

The Truth About Hiding Your Tracks on the Internet

Ok, ok, I know you've seen them. All those pop... Read More

Computer Viruses, Worms, and Hoaxes

In recent days, I was one of the unfortunate persons... Read More