How Secure Is Your Password?
Be honest. How secure are most of your passwords really? If you're like the majority of general internet users, then the answer is probably "not very." It's understandable, though, when practically everywhere you turn you need a new password to login to one thing or to register for another, that password security may be taking a backseat to convenience. However, should you ever find yourself victim of a major security breach, as 1.3 million Gawker Media users did recently, taking a few extra minutes to protect your personal data could prevent a potentially devastating loss.
In light of this security breach, The Wall Street Journal Online posted a breakdown of the "Top 50 Gawker Media Passwords" of the leaked user accounts. While the hijacked passwords had been previously encrypted, 188,279 were decoded before being made available to the public via torrent, allowing the world to see just how vulnerable many of those accounts were. Since it's strikingly apparent that many internet users are still relying on "123456" and "password" as their password of choice, the 360PSG team is offering up our top tips on creating secure passwords that you won't easily forget.
Don't use the same password for everything. This seems like common sense, but many internet users are still guilty of it. The problem with using a single password for multiple sites is that once a password has been compromised, the security of the other accounts with that same password will have been endangered as well. In the case of the Gawker Media users, those who used the same passwords for their email and Gawker accounts were subject to the greatest security risk, as the hackers released usernames, passwords and email addresses directly to the public.
Use eight or more characters when possible. If you took a look at The Wall Street Journal link, the second graph shows the majority of the breached passwords were six characters in length. Ideally, your password should be a minimum of eight characters in length and include a combination of letters, numbers, and special characters (if allowed). Keep in mind that very obvious combinations such as "abc1234" and "a1b2c3d4" are never ideal choices for a secure password.
Create a system and follow it. The passwords from the "Top 50" list made it there because they were not unique to each user. Developing a rule set and base password can help you create individual, secure passwords while still making them easy (for you) to remember. One way to generate unique passwords is to choose a base password and then apply a rule that combines a form of the service name with it. For example, your base password could be your first pet's name and your anniversary, plus the first two consonants and first two vowels of the service name. Using that rule and base, your password for Yahoo could be "fido03yhao" and your password for eBay could be "fido03byea." Pretty easy, right? The perk of creating your own system is that the possible combinations are seemingly limitless. However, when creating your base password, keep in mind that some websites may enforce password requirements or restrictions.
Change it up. If you can change your Facebook status every day, you can certainly remember to change your password once in a while. Be proactive about protecting your information and update your passwords on a regular basis.