How to Avoid Online Security Breaches

In light of my security problem last week, I thought I would detail the problem and talk a bit about security today.

Our whole lives are on the computers now. You have access to your bank accounts, taxes, credit cards and even mortgage online where just a few years ago, all those things were dealt with in paper.

The electronic age has certainly brought convenience but at what cost?

Last week, I learned a bit about that cost. My Gmail account was compromised. I was in my account around midnight, and in just a few hours, my account was accessed by someone else, my password was changed and I was helpless.

The worst part is, like many others I know, I used Gmail as a storage facility for far too many important things. I had passwords from all the sites I access archived in my Gmail account as well as some info about my taxes, myself and my wife, etc.

I’m not sure how this happened but I have a few ideas. Regardless of how, I want to insure that this doesn’t happen again.

Passwords are the gateway to your online life, why would you make your password something simple?

Here are some tips on making a more secure password which is the first step you should take to avoid security problems.

Don’t use anything that can be found in the dictionary, in any language. This may sound pretty difficult, but its really not that hard to come up with a system to create different, seemingly nonsensical passwords for each and every site you visit online.

For example, your password schema could be nursery rhymes. Each site you visit, you assign a nursery rhyme. For site #1, that may be: “Little Miss Muffet sat on her tuffet.” From that, your password would have LMMsoht in it (notice I left the captalization the same as the nursery rhyme, this adds additional complexity), but not only that, you could assign a numbering system to all the nursery rhymes you plan to use, so this would be nursery rhyme number 2. You could then add that to your password, LMMsoht#02. There you have a 9 character, complex password with capitals, numbers and special characters.

This is just an example of how your passwords could be created, I didn’t and you shouldn’t use this password schema now that it’s online. Pick a schema that you will remember, but others wouldn’t be able to guess easily.

You can use this site to test your password strength. Some sites have their own password strength tests when you create or change your password, but I find they are very different and some pretty simple passwords qualify as strong on some sites. This password checker is very strict, even the password created above doesn’t qualify for the best rating as it is.

You should also never use the same password for more than one website. I know this sounds difficult, but it really isn’t and it’s very important. Using our above password as an example, you could use this password as the base for your passwords for a related group of websites, and change it slightly for each website.

Our initial password could be LMMsoht#02 but in front of that, add something that specifies it to the site you will use it for, such as: emlactt1LMMsoht#02. This password gets the “best” rating on the password checker, because the added characters you are using to identify it to a certain website add extra length to the password. Once you figure out a schema, it is very easy to create, remember and continually change your passwords to create a more secure online experience for yourself.

  • Some other things I see all the time are people writing down their passwords and placing them under their keyboard at work, or in their desk drawer. Don’t do this! You never know who goes into the office after lights are out.
  • Never give your password to anyone else, through verbal or electronic communications. You never know who could overhear or intercept a message.
  • Never store your passwords electronically.

If you use such a schema as described above, don’t write down your passwords in their password form. You could make a spreadsheet of the nursery rhymes you plan to use, and assign them a number, but don’t identify them plainly to a website or make any notes disclosing what the schema is for. Chances are, even if someone found your spreadsheet, they wouldn’t be able to figure out what it was for or how passwords were created from those, unless you wrote it in the spreadsheet or told them how it was done.

Like I said, your passwords are the gateway to your online. Don’t make these mistakes. Identity theft is a huge problem, and identity theft protection is a huge industry but much of the identity theft that goes on today can be prevented if you take some simple steps to secure yourself.

Image by Anonymouscollective

If you liked this, please subscribe to my triweekly updates via RSS or Email. Thank you!

Tags: , , , , , , , , , , , , , , , , ,

14 People have left comments on this post



» No Gravatar said: { Dec 31, 1969 - 05:12:00 }
» Scott WarnerNo Gravatar said: { Nov 24, 2009 - 12:11:00 }

Very nice.

[Reply]

» Grin AnndNo Gravatar said: { Nov 24, 2009 - 12:11:00 }

Very nice.

[Reply]

» CraigNo Gravatar said: { Nov 24, 2009 - 12:11:13 }

Come up with some crazy password no one will get. You have to be careful online.

[Reply]

» Jesse MichelsenNo Gravatar said: { Nov 24, 2009 - 12:11:21 }

Exactly Craig. I am online 24/7 practically and took for granted what a good password can do for ya. Be careful out there.

[Reply]

» Luigi@UPrinting.comNo Gravatar said: { Nov 24, 2009 - 06:11:57 }

Security problems are a great issue. This thing can happen to anyone and so thank you for sharing these tips. I hope we can avoid those hackers.

[Reply]

» Victor@UPrinting.comNo Gravatar said: { Nov 24, 2009 - 06:11:29 }

Thank you for sharing these tips.

I agree with you. Identity theft is really a serious issue and can really cause a lot of damage if we won’t be extra careful.

[Reply]

» Jesse MichelsenNo Gravatar said: { Nov 25, 2009 - 09:11:00 }

Thanks man, and thanks for the help earlier, you helped me reawaken my memory..

[Reply]

» Jesse MichelsenNo Gravatar said: { Nov 25, 2009 - 09:11:00 }

Thanks Scott, and thanks for the help earlier, you helped me reawaken my memory..

[Reply]

» Jesse MichelsenNo Gravatar said: { Nov 25, 2009 - 10:11:42 }

@Luigi

It sure is and it’s a big business now. Every day I think it gets harder to avoid these problems, but we can at least try.

@Victor
No prob Victor, I think people underestimate those problems that identity theft can cause.

[Reply]

» BucksomeNo Gravatar said: { Nov 25, 2009 - 08:11:32 }

Your story motivated me to change my gmail account password immediately. It’s a constant battle on security versus convenience.
.-= BucksomeĀ“s last blog ..Year End Financial Planning =-.

[Reply]

Jesse MichelsenNo Gravatar Reply:

Bucksome, I’m glad I could help. I never realized how much of a pain it is to retrieve a Google account either. They are very tight on security, have no phone number to call in and will only give you a password reset email after you answer a dozen questions including a date when your account was opened, if you were invited to gmail and who invited you. I had a try a few times before I got enough of the questions right to unlock my account. I hope to never go through that again.

[Reply]

{ Nov 27, 2009 - 03:11:15 } Friday Links - Canadian Finance Blog


 
css.php