Clever passwords can thwart cyber-thieves - Word&Way

Clever passwords can thwart cyber-thieves

Recently the photo-sharing and slideshow site Rockyou.com was hacked, divulging 32 million passwords. The privacy breach was bad enough, but a study of the passwords by data security company Imperva was even more disturbing.

Imperva discovered the five most common passwords were 123456, 12345, 123456789, Password and iloveyou.

In The Last Theorem, authors Arthur C. Clarke and Frederik Pohl relate the story of Ranjit Subramanian, a student determined to use a vacationing professor’s academic Internet account. He succeeded by researching the man’s life, looking through his trash and using a program to try different password permutations.

Cyber-thieves use the same techniques. Their two most common methods are password recognition to fool a computer and brute force — repeated combination character attempts.

We use passwords to register, access our funds, secure private documents and identify our accounts. It’s important to make passwords as strong as possible — and that you can still remember!

Don’t use a word — even if misspelled or spelled backwards. Don’t use a sequence or repeated character. Don’t create them from personal information, such as a name, pet or birthday. Don’t use adjacent keyboard characters, such as qwerty.

Use a variety of passwords for different places. But store them in a secure place, not on your computer or underneath your keyboard. Even better, store a clue rather than the password itself.

Protect them from others. Don’t provide a password by e-mail to a possible scam artist, and don’t share with people, such as children, who might tell others. When possible, avoid using a password on another computer. Some browsers remember passwords, and public computers could have spyware installed to capture keystrokes.

What do you do?

Make them long — at least 8 characters. Once passwords reach 15 characters, Windows does not store the hashers (representations) the same way in system files.

Think of a favorite verse, quote or movie line and use the first letter from each word. For example, Psalm 122:1 (“I was glad when they said unto me…”) becomes Iwgwtsumlugithotl.

Create them from all parts of the keyboard, including numbers, capital letters and punctuation, sometimes called Leetspeak. So “greatpassword” becomes “gr3@t#pAssvv0rD.”

Programs are available to help you. Analyze your password strength with a checker such as Microsoft’s (tinyurl.com/microsoftpasscheck ). Download the free Password Generator (tucows.com/preview/341069 ) or use Mac OS X’s built-in Password Assistant. Utilize a free password management tool such as KeePass (keepass.info ). The Firefox browser has a password manager and allows you to use a master password (Tools>Options>Security).

Keeping your secrets secret can protect yourself, your family, business and even your church. Taking a few seconds to change your habits now can save you many headaches down the road.

Additional links to check out include:

Microsoft: Create strong passwords (www.microsoft.com/protect/fraud/passwords/create.aspx)

About.com: How to create a good password (netforbeginners.about.com/od/hacking101/a/password.htm)

Leetspeak and the unbreakable password (computersight.com/communication-networks/security/leetspeak-and-the-unbreakable-password-encryption-that-is-nearly-impossible-to-break/)

Makeuseof: How To Create Strong Passwords That You Can Remember Easily (www.makeuseof.com/tag/how-to-create-strong-password-that-you-can-remember-easily)

Protect your PIN, protect your money (www.interac.ca/consumers/security_protect.php)

Most common passwords from three databases (blog.jimmyr.com/Password_analysis_of_databases_that_were_hacked_28_2009.php)

Ken Satterfield is Word&Way's advertising/marketing coordinator and a former media specialist.