How to Avoid Online Security Breaches
In light of my security problem last week, I thought I would detail the problem and talk a bit about security today.
Our whole lives are on computers now. You have online access to your bank accounts, taxes, credit cards and even your mortgage, where just a few years ago all those things were dealt with on paper.
The electronic age has certainly brought convenience but at what cost?
Last week, I learned a bit about that cost. My Gmail account was compromised. I was in my account around midnight, and in just a few hours, my account was accessed by someone else, my password was changed and I was helpless.
The worst part is, like many others I know, I used Gmail as a storage facility for far too many important things. I had passwords from all the sites I access archived in my Gmail account as well as some info about my taxes, myself and my wife, etc.
I’m not sure how this happened but I have a few ideas. Regardless of how, I want to ensure that this doesn’t happen again.
Passwords are the gateway to your online life. Why would you make your password something simple?
Here are some tips on making a more secure password, which is the first step you should take to avoid security problems.
Don’t use anything that can be found in the dictionary, in any language. This may sound pretty difficult, but it’s really not that hard to come up with a system to create different, seemingly nonsensical passwords for each and every site you visit online.
For example, your password schema could be nursery rhymes. You assign a nursery rhyme to each site you visit. For site #1, that may be: “Little Miss Muffet sat on her tuffet.” From that, your password would have LMMsoht in it (notice I left the capitalization the same as in the nursery rhyme; this adds additional complexity). You could also assign a numbering system to all the nursery rhymes you plan to use, so this would be nursery rhyme number 2. You could then add that to your password: LMMsoht#02. There you have a 9 character, complex password with capitals, numbers and special characters.
This is just an example of how your passwords could be created; I didn’t and you shouldn’t use this password schema now that it’s online. Pick a schema that you will remember, but others wouldn’t be able to guess easily.
You can use this site to test your password strength. Some sites have their own password strength tests when you create or change your password, but I find they are very different and some pretty simple passwords qualify as strong on some sites. This password checker is very strict; even the password created above doesn’t qualify for the best rating as it is.
You should also never use the same password for more than one website. I know this sounds difficult, but it really isn’t and it’s very important. Using our above password as an example, you could use this password as the base for your passwords for a related group of websites, and change it slightly for each website.
Our initial password could be LMMsoht#02 but in front of that, add something that specifies it to the site you will use it for, such as: emlactt1LMMsoht#02. This password gets the “best” rating on the password checker, because the added characters you are using to identify it to a certain website add extra length to the password. Once you figure out a schema, it is very easy to create, remember and continually change your passwords to create a more secure online experience for yourself.
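The schema above, written out as an added example (this code is not part of the original post). The function names, the character-pool sizes and the bits formula are assumptions for illustration and are not the scoring used by the checker the post mentions; the estimate treats every character as random, which a schema-derived password is not, so read it as an upper bound that mainly shows why added length raises a checker's rating.

```python
import math
import string

# Assumed pool sizes for a naive estimate (not the post's checker).
POOL = {"lower": 26, "upper": 26, "digit": 10,
        "symbol": len(string.punctuation)}


def rhyme_base(rhyme, number):
    """First letter of each word, capitalization kept, then '#NN'."""
    initials = "".join(
        word.lstrip(string.punctuation)[:1] for word in rhyme.split()
    )
    return f"{initials}#{number:02d}"


def site_password(site_tag, base):
    """Prefix the shared base with a per-site tag, as the post does."""
    return site_tag + base


def character_classes(password):
    """Return which of the four character classes the password uses."""
    classes = set()
    for ch in password:
        if ch.islower():
            classes.add("lower")
        elif ch.isupper():
            classes.add("upper")
        elif ch.isdigit():
            classes.add("digit")
        else:
            classes.add("symbol")
    return classes


def naive_bits(password):
    """Upper-bound search space in bits: length * log2(pool size)."""
    pool = sum(POOL[name] for name in character_classes(password))
    return len(password) * math.log2(pool)


if __name__ == "__main__":
    base = rhyme_base("Little Miss Muffet sat on her tuffet.", 2)
    tagged = site_password("emlactt1", base)  # tag taken from the post
    for pw in (base, tagged):
        print(pw, sorted(character_classes(pw)), round(naive_bits(pw), 1))
```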
- Some other things I see all the time are people writing down their passwords and placing them under their keyboard at work, or in their desk drawer. Don’t do this! You never know who goes into the office after lights are out.
- Never give your password to anyone else, through verbal or electronic communications. You never know who could overhear or intercept a message.
- Never store your passwords electronically.
If you use a schema such as the one described above, don’t write down your passwords in their password form. You could make a spreadsheet of the nursery rhymes you plan to use, and assign them a number, but don’t identify them plainly to a website or make any notes disclosing what the schema is for. Chances are, even if someone found your spreadsheet, they wouldn’t be able to figure out what it was for or how passwords were created from those, unless you wrote it in the spreadsheet or told them how it was done.
Like I said, your passwords are the gateway to your online life. Don’t make these mistakes. Identity theft is a huge problem, and identity theft protection is a huge industry, but much of the identity theft that goes on today can be prevented if you take some simple steps to secure yourself.
Image by Anonymouscollective
14 People have left comments on this post
Very nice.
Come up with some crazy password no one will get. You have to be careful online.
Exactly Craig. I am online 24/7 practically and took for granted what a good password can do for ya. Be careful out there.
Security problems are a great issue. This thing can happen to anyone and so thank you for sharing these tips. I hope we can avoid those hackers.
Thank you for sharing these tips.
I agree with you. Identity theft is really a serious issue and can really cause a lot of damage if we won’t be extra careful.
Thanks man, and thanks for the help earlier, you helped me reawaken my memory..
Thanks Scott, and thanks for the help earlier, you helped me reawaken my memory..
@Luigi
It sure is and it’s a big business now. Every day I think it gets harder to avoid these problems, but we can at least try.
@Victor
No prob Victor, I think people underestimate those problems that identity theft can cause.
Your story motivated me to change my gmail account password immediately. It’s a constant battle on security versus convenience.
Jesse Michelsen
Reply:
November 26th, 2009 at 6:49 pm
Bucksome, I’m glad I could help. I never realized how much of a pain it is to retrieve a Google account either. They are very tight on security, have no phone number to call in and will only give you a password reset email after you answer a dozen questions including a date when your account was opened, if you were invited to Gmail and who invited you. I had to try a few times before I got enough of the questions right to unlock my account. I hope to never go through that again.