Online Identity Theft Protection



             


Saturday, May 17, 2008

Don't Be an Identity Theft Victim: Tips for Creating Good Passwords


According to recent studies, up to 7 million people per year (yes, that is "million") are victims of identity theft in the United States alone. That is more than 19,000 per day and nearly 800 per hour. Wow! While some feel that these figures may be greatly inflated, they still are sobering. Regardless of the actual number per year, we still need to protect ourselves from this problem. Many, though not all, of the yearly victims become so because they are not as careful with their sensitive data as they should be. Carelessness is all a thief needs to make a victim.

CCT offers this article "Tips for Creating Good Passwords." This will be the first article in the CCT Tip Series entitled "Protect your Data Online and in the Office". Please give us your feedback. Feel free to leave comments and suggestions.

The chain of protection is only as strong as its weakest link. Many times, the weakest link is a poor password. One of our clients recently told me that at one time, every computer in their office had a password of "password". Obviously, that offered as much protection as a screen door on a submarine. A password is the first step to safeguarding yourself and protecting your sensitive data.

Password No-Nos

    Here are a few things to avoid when making your password:

    1. DO NOT include words that can be found in the dictionary in any language. Believe it or not, there are dictionaries for password cracking. They are filled with, not only words and names, but also number and letter combinations, such as 11111 and abc123. If your password is super simple, like "champ" or "bigtime", it can easily be guessed.

    2. DO NOT use only letters or only numbers.

    3. DO NOT use names of spouses, children, girlfriends, boyfriends or pets.

    4. DO NOT use phone numbers, birthdates or, even worse, your Social Security number.

    5. DO NOT use the same word as your log-in, or any variation of it.

    6. DO NOT give out your password to friends or family members (especially children) who could pass them on to other less trustworthy individuals.

    7. DO NOT store written passwords in your desk, under your keyboard or, worst of all, on a bright, yellow sticky note on your monitor. Sure, this is nice to have in case you forget your password. However, it also can provide easy access to your computer for thieves.

    8. DO NOT provide your password over e-mail even if a trusted company or individual requests it. Internet "phishing" scams might use fraudulent e-mail to entice you into revealing your user names and passwords so criminals can access your accounts, steal your identity, and more. E-mail security will be discussed in a future article.

    9. DO NOT use the same password for multiple accounts. If someone gets one password, they could gain access to many of your accounts.

    10. DO NOT enable the Save Password Option. You may see a dialog box which asks you if you want the computer to remember the password you just entered. In this case, your best bet is to choose NO. If you select YES, anyone who uses your computer could also use your pre-saved passwords on these accounts.

Ok. Now we know a little about what we should avoid. Let's learn a little about what is involved in making a good password:

Proven Methods of Great Password Creation

    Follow these tips and you will be well on your way to creating a safe, secure password:

    1. DO make your password at least 8 characters long. This would apply to your PC on your desk and any Online account that you have that requires a password. A password of this length and containing a mix of upper and lowercase letters (more on this in the next step)will take about 2 years to crack.

    2. DO choose a phrase or combination of words to make the password easier to remember. For example, take a phrase that you can remember. Let's use "Where Oh Where Has My Little Dog Gone." Now, take the first letter of each word in that phrase and you come up with: WOWHMLDG. Now, mix in some lowercase letters and you get: wOWhmLdG. For even more security, add some punctuation to the mix: wOW^hm%LdG. That is a very strong password and yet it is fairly easy for the owner to remember.

    3. DO change passwords regularly. Ideally, every few months you should create new, strong passwords for all of your accounts. This can help keep hackers off balance if they're monitoring a Web site that you visit frequently.

    Changing your password for your Online accounts

    Web sites have a variety of policies that govern how you can access your account and change your password. Look for a link (such as "your account") somewhere on the site's home page that goes to a special area of the site that allows password and account management.

    Changing the password for your office computer

    You can usually find information about how to create, modify, and access password-protected user accounts, as well as how to require password protection upon startup of your computer in the Help files of your operating system, or online at the operating system software manufacturer's Web site. For example, if you use Microsoft Windows XP, online help can show you how to manage passwords, change passwords, and more. Mac users can go here for more information.

I am sure that some of you may think that the suggestions mentioned in this article might be a little extreme. However, stop and consider this: In the time it took you to read this article, 53 people in the United States became victims of identity theft. Many of them because they were careless with their sensitive data. A secure password is the first step in making yourself safe online and in the office.

Next in our series, we will discuss "How to be Safe While Using Email." Be on the lookout for that article.

Crystal Coast Technologies is a web design team headquartered in Swansboro North Carolina. We specialize in Flash web design and database driven e-commerce. Our blog contains more tips and the latest tech news, including security alerts.

Labels: , , ,