BY JOSEPH KOVAL
Whether it’s your home PC log on, on line banking web site or the wireless access point you just purchased, it is imperative that you utilize a strong password. It has been widely publicized that weak passwords, such as ‘password’ or ‘abc123’ have been the simple means of hacks and data breaches.
The average person typically creates a password that is easy for them to remember. This means people are using “easy to guess” or “default” passwords. A default user name and password are what is set on a device when it is manufactured. An example would be a wireless access point you purchase on line or a computer store.
The internet is full of sites that catalog almost every manufacturers default user name and password. Just search Google with “vendor default username and password” and you will be presented with a host of sites that detail a manufacturer’s default log on. If you do not change the password on your new device, you are welcoming a breach into your network.
Another pitfall in password creation is the use of dictionary words. In the world of hacking there is a term called “dictionary attack.” This basically means that an attacker attempts to use every word in a dictionary to guess your password. With the processing speed of an average laptop or PC an automated method like this takes seconds.
Most of us post a bounty of information to social media about ourselves, family, pets, favorite sports teams, etc. Social media is a perfect place to gather information about a person. How many of you use a pets name or a child’s name as or part of your password. Don’t make it easy for the bad guy!
So, how does one come up with a password that is easy enough to remember, so you don’t have to write it down, but cryptic enough so it’s not easy to guess?
One suggestion is to use a pass phrase. An example of a pass phrase could be: Ilovearainyday. It’s easy to remember and a little harder to guess. Let’s make it even more difficult to guess by substituting capital letters, numbers, special characters and even a homophone “eye instead of I”: eyeL0veaR@inyDay.. Notice the special characters.
Most secure banking web sites and the like are mandating a standard to passwords – minimum length, upper and lower case letters, a number and a special character. They also force you to change your passwords on a regular basis.
Joseph Koval is the owner and President of Syber3 – Syber Security Solutions located in Rockland County. He has over 27 years of Cyber Security experience and project management. Check out his web site: www.syber3.com and Syber3 Facebook page where he posts current cyber related alerts and educational articles to help keep you safe on line.