Wednesday, June 16, 2010

Checkity Check Yourself - Make Sure You Protect Yourself

10 Tips to Keeping your Password Safe

So many of the things we have today (internet, wi-fi, hot spots) to help us be more connected are actually helping us to break free of being connected in the traditional sense of cables and limited to buildings and structures.

No longer do we need programs installed on our local hard drives, or home to access the internet - anything from updating your Facebook page, to sending out your newsletter, updating your website, even doing your banking (although we wouldn't recommend it) can be done from the comfort of a Starbucks chair while drinking your favorite beverage.

This new freedom and accessibility, can leave us vulnerable in ways that the average person might not be able to comprehend. The bad news is that if someone wants access to your files, they can and will find a way. Even the Department of Defense understands this and although they may have a lot more firewalls than you or I have - they also have a team ready to be sent to the house of the attacker to be arrested. Most people probably don't have that luxury, so I wanted to find out a few ways that people, businesses, and staff can better protect themselves from being victim to a hacker or digital thief.

I interviewed Mike Hogan, Security Specialist at MSI Systems Integration Ltd. ("The ITeam") to get some good tips on how to protect yourself from being susceptible.

"One of the biggest issues is that people don't change their passwords frequently enough" says Mike, "they also use the same simple password, that's not very complex for all of their accounts making it easy for someone to gain access to a lot of their information even if they only had one password."

I asked Mike to share some guidelines for personal and professional passwords, here is a list of 10 things that you can do to protect your passwords:

1) Use the same email account for all of your passwords
This way if you forget your password it's easily accessed by clicking on 'forget password' and you just have to remember one email account. Instead of having the same password for everything, rest assured that if you happen to forget the account information, you can always have the password reset using your email.

2) Never use a 'dictionary' word
If it can be found in a dictionary - don't use it! Instead pick a phrase that means something to you, here's an example:
-say you like the movie "The Good the Bad and the Ugly" then maybe your password would be tGtb&tU!

3) Always use 8 characters or longer (where possible).
The longer the password the harder to guess or crack.
Ensure you use a combination of upper and lower case, numeric and special characters (when possible)

4) Capitalize in an odd spot
Try not to use the capital letter at the beginning, instead use it within the password, example: tGtb&tU!

5) Replace vowels and other characters
Replacing these with special characters or numbers will help you remember
Some common replacements are:
a = @
e = 3
i = 1
l = 1
o = 0

6) Don't use region specific phrases
For example, if you're living in Calgary and are a fan of the Calgary Flames, then you probably don't want to have 'Flames1' as your password, instead you might consider 'fl@me$RU13!!' to make it a little harder for someone in your area to crack. Same goes for other fans in other regions.

7) Ensure your banking and social networks passwords are DIFFERENT
Don't use the same password for everything - if someone can figure out that one password, then it opens other sensitive information up to all of your networks, including banking and other personal data.

8) NEVER click on the 'Remember my Password'
It seems convenient, but I can tell you from personal experience, it's not the way to go. Bots and spiders can creep through your internet browser to find and crack these files. Even though it's tempting, NEVER let anyone else remember your password for you, especially your internet browser.

9) Do NOT store all of your passwords in a 'passwords.txt' or 'secret.xls' file
If you do malware on your computer, they are programmed to look for files that might be named 'secret' or 'passwords', find them and then report them. These files usually have everything an attacker would need to know, including user, login, password, URL to login to....If you're going to keep a list, just keep a list of where you currently are signing up and not the passwords associated.

10) Change Frequently
One of the best things you can do to protect yourself is to change your passwords frequently. Once a month quarter is a good start but for more sensitive data like banking once a month is better. You may want to have several (more than 3) one phrases a month that you cycle through or something to help you remember, whatever that is, changing it frequently is key.

If you're worried about forgetting your password, then Mike does suggest you look into an Encryption program that can safely store all of your passwords. You will want to research programs that suit your needs and your system, however it's a worthwhile investment, when you consider the alternative of being open to an attack.

The bottom line is using these tips and some common sense you can protect yourself and your files from being vulnerable. This is something I personally need to be more diligent in monitoring and maintaining. And in this digital age we live in it's something we all need to be more mindful of.

To find out more about The ITeam and their services visit their website

Labels: , , , , ,


Post a Comment

Subscribe to Post Comments [Atom]

<< Home