Posts Tagged ‘IT’

How secure is your password?

Tuesday, March 6th, 2012
Share Button

This edition of the PPS Recruitment Blog sees our resident IT Guru and technical wizard, Darren Edwards take to the stage. Moving away from recruitment for a moment, Darren explores the world of passwords and delivers some useful advice on keeping your personal information close, and your password even closer.

What is your password?

A pet’s name?  Your favourite football club or your favourite colour? Or is it your child’s name or even your mom’s birthdate?

Either way, to someone looking to exploit your online accounts, it can be very easy to guess.

Password Security

Combine words with numbers for maximum password security competition to win an IPhone.

Let’s take a common scenario. You have just entered a draw to win an iPhone using your email address on a well-known gaming website. Everything about the competition looks legit. Plus, your friend’s already entered, so it’s got to be safe and just a bit of harmless fun – right?

Wrong.

Given that free email provider websites can be accessed by anyone (take your Hotmail or Yahoo mail account), by entering your email in to that seemingly harmless competition, you will have already handed a hacker half the key to accessing your personal data.

After all, with access to the Internet and an email address, all that is left for a hacker is to guess your password correctly.

Funnily enough, you can bet that they have some tools to help them do it too.

The unscrupulous will have a text file – which is compiled of lists and lists of known passwords, names, football teams, towns and cities, dates and general random but well known password combinations. They have a bank of information that could easily help unlock a generic password protected account.

Furthermore, a bit like a Facebook ‘fraper’, many of those who hack into accounts do so to people they know personally. It’s no wonder either, given the alarmingly amount of crucial information people can give away in a conversation, even if they have only just met the person. This holds true for online conversations too. Even social media can give the game away, for example listing siblings, pets and birthdays.

So I urge you to use a better method at protecting your information. Don’t forget, your bank may be the most secure in the world, with online security checks, encryption and captcha techniques, but if someone has access to your email account they have access to your life.

How to beef up your password selection

There are several techniques you can employ, however they all come down to the same.

Use as much randomness as possible (mix letters with words) and avoid common words or phrases.

Instead of your birthdate or house number, use your very first telephone number that is no longer in use, or the digits of your driver’s license.

Combine this with a random word you have selected and then add in that bit of pizzazz, a symbol or two.

Allow me to demonstrate, for example:

Frederick will always remember his national insurance, 820034

His favourite book character was Dibbler, from a Terry Pratchett book.

By combining the two together – voilà – a password is formed!

Dibbler820034

Now, we can add in a couple of special characters.

Dibbler-820034.

Simple but a lot safer than BCFC1968

You can even take it a step further if you like. Remove the zeros. Swap E for 3, I for 1, 4 for A, S for 5, g for 9 or B for a 6.

D1bbl3r-8234.

Now for the tricky bit – remembering your password. Well, that is where you come in. Everyone is different here, some people need to use repetition to learn, and others just need a reminder.

No matter what, remember your password and stick to it.

Change is good

It is good to change your password every so often as well, so a strategy of incrementing a counter can help here if you struggle to come up with incredible passwords on a regular basis.

D1bbl3r-8234 can become:

Using Numbers              Letters                             Roman Numerals

D1bbl3r-8234.1                  D1bbl3r-8234.a                 D1bbl3r-8234.i

D1bbl3r-8234.2                  D1bbl3r-8234.b                 D1bbl3r-8234.ii

You get the idea. Your already strong password can be used over and over like this.

So, if you suspect anything at all, change it and change it now.

Written by Darren Edwards, IT Manager at PPS.

Share Button