eWaste Recycling

The Importance of Strong Passwords


Passwords. Everyone's got an opinion on them (OK, not really, but I'm permitted a little bit of poetic license).


What people really do say when it comes to passwords is more along the lines of: "All they do is slow me down." "No one I don't trust is ever near my computer." "I get it, but the easier to remember the better, right?" Etc.


Let me just say, a good password, a STRONG password, is well worth the minimal effort it's going to take you to either memorize it or configure a secure way to remember it. (And that sticky note on the bottom of your keyboard? Not what I'd call secure.)


About three years ago a major security breach took place at a somewhat popular website: a database of something like 25-30 million passwords was breached. Unsurprisingly, it showed that a whole lot of people apparently don't take their data security very seriously. Of the top 10 most common passwords, here are five I consider to be especially enlightening:
  • 123456
  • abc123
  • Password (Capitalized Even!)
  • iloveyou
  • princess
I'll even throw in another one, also taken from the top 10 most common passwords, as an example of a slightly more thought-out (emphasis on slightly) mnemonic device: *nameofthewebsite*. (No joke! Imagine banking online with Wells Fargo, using the password: wellsfargo.)
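Both failure modes above, a top-10 password that differs only in capitalisation and a password equal to the site's own name, can be screened when a password is set. The sketch below is an added example, not part of the original article; the function names and the `.example` hostname are assumptions, and the denylist holds only the five entries quoted above.

```python
from __future__ import annotations

import re
import unicodedata

# The five entries the article quotes from the breach's top 10 (not a full denylist).
COMMON_PASSWORDS = {"123456", "abc123", "password", "iloveyou", "princess"}


def _normalise(text: str) -> str:
    """Fold case and drop everything except ASCII letters and digits,
    so 'Password', 'PASSWORD!' and 'pass word' all compare as 'password'."""
    folded = unicodedata.normalize("NFKC", text).casefold()
    return re.sub(r"[^a-z0-9]", "", folded)


def site_names(hostname: str) -> set[str]:
    """Candidate site names: every hostname label except 'www' and the last one.

    Simplification (assumption): a production check would use the Public
    Suffix List to find the registrable domain instead.
    """
    labels = hostname.lower().rstrip(".").split(".")
    return {_normalise(l) for l in labels[:-1] if l != "www" and _normalise(l)}


def screen_password(password: str, hostname: str) -> list[str]:
    """Return the reasons a password should be rejected (empty list = accepted)."""
    reasons = []
    candidate = _normalise(password)
    if candidate in COMMON_PASSWORDS:
        reasons.append("common password")
    if candidate in site_names(hostname):
        reasons.append("same as site name")
    return reasons


if __name__ == "__main__":
    # Constructed sample input; the hostname is an illustrative placeholder.
    for pw in ["Password", "WellsFargo", "iloveyou", "Wh0leWh3@tM][cr0ph0n3"]:
        print(f"{pw!r}: {screen_password(pw, 'www.wellsfargo.example') or 'accepted'}")
```

An empty result only means the password is not one of these known-bad choices; it says nothing about its overall strength.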


A little bit amazing, isn't it?


We live in the Digital Age. Just about everyone, it seems, has a computer; our phones are becoming more like computers every day; we scan, we swipe, we set up automated transactions, etc. A child born today will likely spend the majority of their life with some version of 802.11a/b/g/n (wireless networking standards) passing through their body. It's the way of the world. Instances of identity theft are higher than they've ever been. Some people are making a lot of money trying to protect you, but there are a lot of very intelligent people out there who would rather figure out ways to spend your money than make an honest living themselves.


My advice to you: start with the small things and use secure passwords. Any of the following will help minimize the risk of having your data compromised:
  • Substitute numbers for letters (He110 W0r1d)
  • Substitute symbols for letters (He][o Wor!d)
  • Use combinations of words that make no sense (PaperMallet)
  • Go pro-style and combine the above three! (Wh0leWh3@tM][cr0ph0n3)
  • Use complete sentences if you can (theuniverseisagiantcomputer)
  • Use a Password Manager (KeePass)
You may never know the difference it makes, but that's the goal really. Take it from an IT professional: the end user is the weakest link in an otherwise standards-compliant security policy, and that is in no way intended to be insulting! Things in the digital world move fast; even my advice here doesn't make for much of a corporate password policy, which would typically include password renewal and reuse guidelines. If you are interested in more information about this type of stuff, my piece 'If a Hacker wants in bad enough, they're getting in' would be a natural progression for additional reading at this point.


Any questions about any of this? Please don't hesitate to ask.