Why is so important using strong password
Your first line of defense on the Web is creating the strongest password possible to protect your computer,
your data and your online accounts. That may sound like common sense, but hackers have become increasingly
sophisticated at password “cracking.” What may have been considered a strong password a year ago may now be
considered an open window to your computer. Internet security is based on a “weakest link” principle; hackers
are constantly searching to find the weakest link possible to give them access to a network or computer.
Often that weak link is a weak password.
There are a number of dos and don’ts when creating and managing your passwords, but there are some basics
guidelines you can follow.
- Use both upper- and lower-case letters
- Incorporate numbers or punctuation marks
- Use at least one of these special characters: ! @ # $ % * ( ) - + = , < > : : “ ‘ .
- Make it at least 8 characters long.
A strong password does NOT, in any way, use your personal information, such as name, phone number, Social Security number,
birth date, address or names of anyone you know.
Come up with something you can remember easily, but would be virtually impossible for anyone else to guess.
So, what can happen when you don’t have a strong password? If someone else is able to guess or crack your
password, you give them access to your e-mail or IM messages, your bank accounts, your research, your contact
lists or anything else you may have on your computer. They could start to alter or destroy files or even overtake
your computer and turn it into a zombie. (A zombie computer is one overtaken by a hacker and used to perform
malicious tasks, such as sending out large amounts of spam.)
There are a lot of techniques being used to steal passwords. Some of the most common include:
There are a number of programs designed to guess a user’s password based on information found online about
the user, such as names, birth dates, names of friends or significant others, pet names or license plate numbers.
They can even search for a word spelled backwards.
Programs and software also exist that will run every word in a dictionary or word list against a user name in hopes
of finding or guessing a password.
- Brute Force
This attack method refers to trying every conceivable combination of key strokes in tandem with a user name to find the password.
There are programs that can run brute force attacks in very quickly. The best way to beat a brute force attack is to have a long
and complex password, using upper and lower case letters, numbers, special characters and punctuation marks.
This is a common scam technique where a hacker will send out an urgent IM or e-mail message designed to alarm or excite users into responding.
These messages will appear to be from a friend, bank or other legitimate source directing users to phony Web sites designed to trick them
into providing personal information, such as their user names and passwords.
- Shoulder surfing
Be careful when logging on to a computer in public, such as a computer lab, cybercafé or library.
There may be hackers lurking around for the express purpose of watching people enter their user names and passwords.
It’s a good idea to have a password you can enter quickly without looking at the keyboard.