keeping your passwords secure in a very insecure world
DESCRIPTION
Passwords are very important to our online life nowadays. Know how to store and protect them to prevent all sorts of issues with your work and online activities. See the original article at: http://www.theofficesuppliessupermarket.com/articles/keeping-your-passwords-secure-in-a-very-insecure-worldTRANSCRIPT
Keeping your passwords secure in a very insecure world
We’ve spoken about Post-It notes in the past and how for a particularly ubiquitous and cheap form of office supplies they’ve revolutionised the workplace with their range of uses and ease of sticking to pretty much anything we can reach. Of course, that was a very optimistic article that talks about the benefits to mankind of such a simple object.
However, there’s a side to them that has caused many problems in the office and given headaches to IT staff up and down the country – people using them for their passwords.
I remember years ago in the main sales office that most people has a Post-It note stuck to their monitors with their username and password. In those days (we’re talking 15 years ago), security wasn’t as big an issue, people didn’t have bank accounts on-line for example, but they did use their computers for ordering things and we had some pretty strict auditing in place. We wanted to make sure that the person ordering was indeed the right person.
So, it came to be that some people had permissions that others didn’t and so they would write their password on a post it note and give it to someone to use. And they’d stick it to their monitor. Hmm.
There it would stay and then others would use it without asking when they needed access to this restricted area. Security was gone.
Fast forward 15 years and walking around an office these days you’d think people would be more careful, but no. You will still find people who have written their passwords on a Post-It and stuck it to their screen. One person had multiple passwords on one bit of paper and I asked them what they were for.
“This is my Facebook account, this one for my bank and this for the network log-on”.
Oh.
You may have seen movies where the bad guy hires a hacker to break into computers and work their way into the user database to steal all their passwords. You really don’t need to do that, just distribute a bunch of post it notes.
In fact, one security firm I spoke to popped a box in the reception area of a company with a note on saying “Password Competition – best one wins a box of wine” together with some notes where people could write their password and pop it in a box.
By the end of the week they’d collected over 150 passwords.
HOW TO SECURE YOUR PASSWORDS
Don’t write them down. Yes, I know it’s a pain but seriously, the minute you write them down and put them where people can get at them you’re asking for trouble. Certainly don’t write them on a Post-It note.
One of the best ways to secure your passwords, especially if you’ve got lots of them, is to use some software which (securely) stores them away and gives you just one to remember to get at them all. There are two that have been well received and these are RoboForm (http://www.roboform.com/) and LastPass (https://lastpass.com/).
The bonus of these is that when you log into a new website, a little window will appear and offer to save the passwords for you. Also, they have a password generator so you no longer have to type the name of your dog or the registration number of your first car (yes, I know you do it!)
What if you don’t want a software solution to your problem? Well there are other ways for those stuck in their ways.
Join words up
Even simple passwords are hard to guess, the big problem is when people write them down so all can see so the big problem is having a password that’s long enough but that you can remember. So, join words up.
How about “spotmydog” or “milkthegoat”?Another psychological memory trick comes into play here in that
something that’s ridiculous is often easier to remember.
Use “CamelCase”
Passwords are often case sensitive so “Fred” is a different password to “fred”. So, along with joining up your words, capitalise the first letters of each word, like “MilkTheGoat”. Easy to remember, hard to guess.
Shift your keys across
A bit harder this, but think of a password and then simply use the keys to the right of each letter, so “fred” becomes “gtrf”. This way you can think of an easy word yet use a seemingly random bunch of letters.
Even better, mix everything up and make your passwords really hard to guess yet dead simple to remember.
