Carroll County Times Articles
Password Basics
by Jeannine Morber – January 31, 2008
Just about everyone today accesses websites that require a log in and password. Many sites, such as banks and other financial sites require passwords in order to protect your money and others such as government sites do so to protect your identity. Other web sites, such as online shopping sites require a log in and password to keep track of your purchases which makes your shopping experience easier and more efficient.
In the past, people didn't give much thought to choosing a password and often chose something that was very easy to remember. As a result, many passwords were often pet's names, birthdates, child's names or even social security numbers. These passwords are indeed easy to remember but unfortunately they are also very easy to crack. It wouldn't take too long for someone who wanted steal your identity or clean out your bank account to guess such an easy password.
On the other hand, some people choose passwords that are so difficult to remember that they have to write them down. As I am sure you can guess, once a password is written down, it is no longer secure.
So just what is the best way to choose a password?
To answer this question, I asked Thom Bethune, an expert on information security with InfoPathways in Westminster. Thom recently gave a presentation on passwords and security as part of a Data Management Seminar hosted by the Tech Council's Technology Advisory Committee. Before answering that question, Thom gave me a list of password Don'ts:
- Don't choose a password that is a word that can be found in a dictionary. These are the easiest for hackers to crack.
- Don't write your password down and keep it near your computer. If it's easy for you to locate the password, it is easy for anyone to locate.
- Don't tell anyone your password.
- Don't change your password unless you believe it is no longer secure. The more often you change your password the more likely you are to forget it.
In addition to the above list, Thom also advocates a very easy method to develop your own safe and secure password. First, choose a short phrase or compound word that you will not have difficulty remembering. Thom chose “red dog” for as a simple example. Take the first part, and change the letters to numbers according to the keypad on a telephone. “Red” is now “733”. Choose a symbol, either a “$”, “@” or “%” and place it between the first part and the second part. The new password is now “733$dog” which is a difficult password to crack.
Thom also recommends using longer words and a capital letter for increased security. According to Thom, hackers are creatures of opportunity and won't dedicate much time to cracking difficult passwords. The more difficult you make your password, the less likely it will be discovered.
Thom's entire Information Security presentation in addition to the other presentations by expert speakers at the Data Management Seminar were filmed by the Community Media Center and will soon be aired on CMC's Channel 19. Show times will be listed on our website as soon as they become available.
About the Author
Jeannine Morber is the Director of the Carroll Technology Council. Questions are welcome and may be addressed in future articles. Email mail@carrolltechcouncil.org or go to www.carrolltechcouncil.org to learn more.
