
5 password mistakes far too many people make

There's a joke going around the internet that says, "I changed my password to 'incorrect' so whenever I forget it the computer will say, 'Your password is incorrect.'" It's a funny idea, but passwords are actually a serious matter. They're often the only thing standing between a snoop and your information or money.

Did you hear the news? Facebook and Netflix just issued a warning to users, recommending they update their passwords. There's a reason for that. Over the past few years, cybercrime has increased immensely, and your password is your first line of defense. Even Facebook CEO Mark Zuckerberg learned about account security the hard way when his personal social media accounts were hacked.

Here at Komando.com, we share tips regularly about how to protect yourself from cyberattacks. And passwords are a huge area where many out there could use improvement. Here are the top five mistakes you're probably making with your passwords, and how to solve them.

1. Too short

A decade ago, a five- or six-character password was more than a match for the average computer. However, computers have increased in processing speed at such an astounding rate that a six-character password is as bad as having no password at all.

When you're making new passwords, eight characters should be the absolute minimum, and 10 to 12 characters is recommended. For super important accounts, such as your bank account, a 14- to 16-character password isn't a bad idea. My IT staff uses 30-character passwords for the important systems.

2. Too simple

Even a 12-character password isn't going to do much good if it's something as simple as "123456789012" or "abcdefghijkl." Hackers check for things like that right away.

Even a common phrase like "maytheforcebewithyou" is something hackers look for right off the bat. They have dictionaries with millions of the most common passwords and variations, and they can crack these simple ones in minutes or even seconds using home computers. In fact, check out the recent list of the most common passwords to make sure you haven't used any of them.

A strong password needs to have a mix of upper-case and lower-case characters, along with numbers and symbols. However, you can't just get away with simple substitutions like "Mayth3F0rc3Bw!thU!"

Something like that will slow a hacker down, but modern computers are fast enough to try substitutions like this as well. Your password needs to be virtually random.

Instead of just randomly hitting keyboard keys, however, try another method that makes the password easier to remember. Start by thinking up a random sentence. You can use a catch phrase, quote or even a song lyric like "Tramps like us, baby we were born to run."

Take the first character from each word to get "tlu,bwwbtr." Add some symbols in place of similar letters, so "u" becomes |_|, the "to" from the original lyric becomes 2. Then, capitalize a few of the letters to make a strong password that's easier to remember than a random password: "Tl|_|,BwwB2R."

However, when you have dozens of passwords, remembering them is going to be a problem even with this method. That's why you need to keep in mind the next two mistakes.
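The checks behind mistakes 1 and 2 can be run on a candidate password before it is accepted. The sketch below is an added example, not part of the original article: it flags passwords that are too short, that are simple sequences, or that turn into a well-known phrase once common substitutions are undone. The four-entry blocklist, the 0.8 similarity threshold and the function names are assumptions made for illustration.

```python
import string
from difflib import SequenceMatcher

# Constructed sample blocklist (assumption): a real check would load a large
# list of common and breached passwords instead of these four entries.
COMMON = {"maytheforcebewithyou", "password", "letmein", "iloveyou"}

# Substitutions that attackers' dictionaries already try, mapped back to letters.
UNDO = str.maketrans({"0": "o", "1": "i", "3": "e", "4": "a", "5": "s",
                      "7": "t", "!": "i", "@": "a", "$": "s"})

MIN_LENGTH = 8    # the article's absolute minimum
SIMILARITY = 0.8  # assumed threshold for "close to a known password"


def normalize(password):
    """Lower-case, undo common substitutions and drop everything but a-z."""
    text = password.lower().translate(UNDO)
    return "".join(c for c in text if c in string.ascii_lowercase)


def is_sequence(password):
    """True for ascending runs or one repeated character, e.g. '123456789012'."""
    def step(a, b):
        if a in string.digits and b in string.digits:
            return (int(b) - int(a)) % 10   # lets 9 wrap around to 0
        if a in string.ascii_lowercase and b in string.ascii_lowercase:
            return ord(b) - ord(a)
        return None
    p = password.lower()
    return {step(a, b) for a, b in zip(p, p[1:])} in ({0}, {1})


def check(password):
    """Return the reasons a candidate should be rejected (empty = none found)."""
    problems = []
    if len(password) < MIN_LENGTH:
        problems.append("too short")
    if is_sequence(password):
        problems.append("simple sequence")
    plain = normalize(password)
    if any(SequenceMatcher(None, plain, w).ratio() >= SIMILARITY for w in COMMON):
        problems.append("variant of a common password")
    return problems


if __name__ == "__main__":
    for candidate in ["abc12", "123456789012", "Mayth3F0rc3Bw!thU!", "Tl|_|,BwwB2R"]:
        print(candidate, "->", check(candidate) or "no problem found")
```

An empty result only means none of these three checks fired; it does not prove the password is strong.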
