Time for a new password, or do you still feel that has a funny side?

During my recent vacation, while I was on a train journey with my family, an interesting discussion started in the coach about recent compromises of well-known e-commerce, social networking and job websites. Most of the people were of different age groups, genders and work profiles, primarily from non-IT backgrounds, and they felt annoyed by the continuous need to manage passwords.

Interestingly, some of them had not changed their passwords for many years, or kept them managed and stored so unprotected that even the pets in their home know them. Some funny inventions were shared: a husband and wife having the same passwords for many portals, and the craziest was when someone said they even have a “family” password for all the members.

Since my spouse and son, who are very active on the internet, were also part of the audience, I thought I would put some best practices around password management and online purchases into perspective in a simplified way.

Before landing on the topic of password management, the first precaution I thought of, and am thinking of implementing for myself as well: when we get so many calls from credit card companies to increase our credit limits, we should seriously evaluate whether our future financial needs will really be that high. Or should we look at having a dedicated credit card with the minimum required credit limit just for online purchases? A lower credit limit should mean less risk if the card information gets compromised.

Now back to passwords. Yes, it is annoying to manage them, but they are often the first (and, in the consumer segment, possibly the only) defense for information we don’t want anyone and everyone to know. So here are at least 7 simple methods everyone should incorporate, which can surely make life with passwords a little easier.

Kids don’t share toys, so why are passwords shared? There is a saying that passwords are like toothbrushes: they are best kept fresh and not shared. My analogy for the kids was that they should treat passwords like their toys, which they normally don’t like to share with anyone and which they would prefer to be new on any day. There was loud laughter among the kids…

P for Policy & Policy for Password: isn’t this easy to remember? You should make a policy to make passwords stronger. Use a combination of special characters and numbers instead of all numbers (111111) or all characters (logmein). Don’t use a simple dictionary word like “jackpot”, or else hackers may hit a “jackpot”. Also, don’t forget to make your username as secure as your password.

One of the senior citizens asked an obvious question: what to do if Policy competes with Memory? The answer is that a password such as 60YrS@n%styll&LUVN^Lfe! is long and strong. You are right that it is not memorable. But it can be, if you base it on a phrase that you privately choose, such as “60 years and still loving life!”

Reward yourself & the kids some points for the word “frequent”: Some of us are very passionate about reward points for frequent flying and frequent shopping. Wouldn’t it be a great idea if we also rewarded our kids & other family members for changing their passwords frequently?
Sometimes it is interesting to weigh the likelihood of someone guessing a password because it is weak, vs. the likelihood of someone managing to steal…..

Life is not always about “ME”: Don’t use easy-to-remember personal info like your name, names of family members, your address, phone number, birth dates, anniversaries, your car number plate or anything like that. And not only in passwords: almost all of us also choose personal questions when answering web site questions. Right?
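The policy and personal-info advice above can be turned into a simple check. This is an added example, not part of the original post; the word list, the sample name and the 12-character minimum are assumptions (the post only says "long").

```python
import re

# Constructed sample data: a tiny stand-in for a real dictionary word list.
COMMON_WORDS = {"jackpot", "logmein", "password", "welcome"}
MIN_LENGTH = 12  # assumption: the post asks for "long" but gives no number

CHAR_CLASSES = (r"[a-z]", r"[A-Z]", r"[0-9]", r"[^A-Za-z0-9]")


def _normalize(text):
    """Lower-case and drop punctuation so 'A.sha' still matches 'asha'."""
    return re.sub(r"[^a-z0-9]", "", text.lower())


def check_password(candidate, personal_info=()):
    """Return a list of problems; an empty list means every rule passed."""
    problems = []
    if len(candidate) < MIN_LENGTH:
        problems.append("too short")
    if candidate.isdigit():
        problems.append("all numbers")        # e.g. 111111
    elif candidate.isalpha():
        problems.append("all letters")        # e.g. logmein
    # Require at least three of: lower case, upper case, digits, specials.
    if sum(bool(re.search(c, candidate)) for c in CHAR_CLASSES) < 3:
        problems.append("needs a mix of character types")
    if candidate.lower() in COMMON_WORDS:
        problems.append("dictionary word")    # e.g. jackpot
    # Names, dates, plates and similar details must not appear inside.
    flattened = _normalize(candidate)
    for item in personal_info:
        token = _normalize(item)
        if len(token) >= 3 and token in flattened:
            problems.append("contains personal info")
            break
    return problems


if __name__ == "__main__":
    # "Asha" is a constructed, hypothetical family name.
    for pw in ("111111", "logmein", "jackpot", "Asha@1985!xyz",
               "60YrS@n%styll&LUVN^Lfe!"):
        print(pw, "->", check_password(pw, personal_info=["Asha"]) or "ok")
```
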

Who said “Recycling” is always “Right”? Don’t reuse the same password across multiple sites; recycling is especially dangerous for email, banking and social media accounts. Each site should have its own unique login. Can you imagine the chaos if a hacker got into one account and then got into ALL of your online accounts because they knew your PASSWORD to EVERYTHING? Doesn’t even thinking about this make your stomach hurt?

“Savings” are not always good!! Don’t save passwords or use “remember me” options, especially on a public or shared computer, as the next user can access your account. Auto-fill is handy for lots of things, but passwords that keep important things safe are not one of them; it can also put your money and personal information at risk if you are not careful.

The first step to safely storing a password is to not store the password at all: Never put it on a Post-It. Never store it online. An obscured hint might be okay, but never the actual password or even an encrypted version. A password cheat sheet is fine, as long as it’s not stored on your computer or smartphone; if your device is infected with malware, you’re doomed.

Passwords are simpler and cheaper than other forms of authentication like special key cards, fingerprint ID machines, and retinal scanners. They provide a simple, direct means of protecting a system or account. Nowadays the debate is hot that passwords are off the rails, but let’s keep following these simple steps in the meantime… end users and service providers are both responsible!!



About Keep Security Evolving

Secure state of today, may not be true tomorrow… so keep security evolving!!!