Why is the password security important? How can you choose a good password? How can you protect your password?
Posted: Jan 2009
How many passwords do you have, at your work, at home, from your locker, bank accounts, etc? It is very possibly that we are talking about double digit number of password for the average person. Password protection is very important to you since they protect your data, personal details, your money and your personal integrity.
But if you loose some of your passwords you are in problem, since you cannot operate with some of your own resources. Even worse happen if somebody steals your password. In this case you can loose business information, money from your account, or you can be accused for acts that you didn’t do. So how should you help yourself regarding password safety
Choosing a Good Password
First rule of password protection is when you creating your password do not try to choose to obvious password, like your name or name of your spouse. Also, do not take the password after your football club, hobby, birthday number or anything else that people around you may know.
I was personally able to hack the passwords of my friends that have problem with lost passwords. I do not do hacking professionally or as an hobby, but I was able to "pick the lock" by trying to use some obvious personal information.
What should you do to increase your password protection? Try to use more than 6 letters. Use combination of letters and numbers. Use capital letters. Change your login password periodically. When you registering for an email account, you can use two methods for help in case that you loose your login password. One method is the "secret question-answer", where you set the question that you will be asked if you loose your login password. If you answer correctly, you will be able to create a new login password. Another method is the use of secondary e-mail address, where your login password will be sent, if you request it. Simply, you can register on two accounts and cross-connect these two accounts as a secondary account.
Be careful about what is your keyboard language set. If you change your language setting, your keys will be mixed up. For example letters "y" and "z" may change places if you change language setting.
Now, since you have a good login password, the logical question is how to store the password in order to maintain the password security? This is always an difficult issue. The most "secure" way of storing your password is memorizing. But this method is not the most reliable, since you can forget your login password, especially if you juggling many passwords. If you have many login passwords, try to use some software password database software. The simplest way of password storage is using password protected excel sheet. At least try to avoid the worst method, which is writing the password on your desk, in your note book, etc.
Regarding the password protection, there is always a certain possibility for your password to be stolen, no matter how unimportant your account may look to somebody. Even a secondary email account can be the target of hackers. Phishing is another way of attempting to acquire sensitive information such as usernames, passwords and credit card details by masquerading as a trustworthy entity in an electronic communication. One of the most frequent ways of password hijacking is using of false membership offer. This offer usually arrives as a Spam mail that offers you to register to same service, like dating service, "check who blocked you on MSN", etc.
These "services" are offering you a membership form where they, among other fields, ask you for your mail account and the login password. Why would they ask you your password? For simple reason – to hijack your account and use it for spamming, or at least for collecting your contacts for their mail databases, that can be sold on market.
Social hacking is another method of hacking of your login password. Simply, hacker is contacting you as a "system administrator" or similar support service and asks you your personal data, including your login password. This is not technical hacking, but simply social hacking, where the hacker is using security unawareness of some people. The most well known hacker was Kevin Mitnik, whose main strategy was based on social hacking.
Even if you give your password to somebody you really know well, like your friend or system administrator that you know, change your password after you have no more need to share the password. Even if person that was given password is reliable, maybe the method of their system of password management is not reliable.
Password protection is very important when it comes to financial transactions. Try to use reliable services like Pay Pal. Also, the page for password entering should be encrypted ( you will be notified by browser ). If some service is not offering you encrypted page or if you are suspicious for any other reason, do not give your login password.
As a conclusion, to keep the password protection at reasonable acceptable level, keep security and reliability as main principles of safe password storage.