Quick show of virtual hands…
How many of you use passwords that include your first or last name? How many of you, when required to use numerals, add something easy to remember, such as the day or month of your birth? How many of your four-digit “pins” reflect your birth year, street address or last four digits of your social security number?
All of the above are low-hanging fruit for hackers. Armed with the tiniest amount of personal information, they can run combinations of names and numbers until they breach security.
If you haven’t raised your hand yet, don’t feel too secure. You’ve invited the ill-intentioned into your virtual vault if you use common passwords such as a progressive series of numbers, e.g., “123456,” simple keyboard combinations (such as “qwerty” or “qazwsx”) or words such as “password,” “letmein,” or “iloveyou.” These are among the most common passwords, and professional hackers can run through a million of the most frequently used passwords in seconds using sophisticated software.
25 most-hacked passwords of 2012
Still feeling comfortable, “8675309?” How about you, “NCC1701?” Don’t. The “Jenny Jenny” song phone number and the Star Trek Enterprise ship identifier are among the top 100 most popular keywords. Check out the list in the box at right for more.
The bottom line: most of us have weak passwords that make us vulnerable to cyber attacks. Thankfully, there are several steps you can take to strengthen your passwords and prevent intrusions into your electronic devices, compromised data, or even theft.
1. First and foremost, avoid suspicious links.
If you don’t click on fake or hazardous links, you are far less likely to put something on your computer or device that can be used as a gateway for hackers. Be vigilant and careful. The traps are more difficult to spot than the hokey Nigerian e-mails offering millions. “Spear phishers,” for instance, use an e-mail or text – customized to the recipient – with an innocuous-looking link or attachment that is in fact malware. Don’t click on links or file extensions you don’t recognize, and avoid some you do – such as .exe files – unless you are absolutely certain they are from a trusted source.
2. Put some thought and sophistication into your passwords.
Don’t just use words from the dictionary. Hacking software can pore through all of them in seconds. Combine letters with numerals and special characters. Use at least eight (8) characters overall. A recent New York Times article suggests “jamming” on your keyboard to create random characters for a password. Remembering it might be problematic, but don’t type it into a file and save it on your computer (more on that in a second).
3. Never use the same password twice.
People tend to use the same passwords across multiple sites. A hacker that gets into your Facebook account can probably only do temporary damage to some personal but mostly virtual relationships. If that same login info unlocks your Amazon account, you might provide an early Christmas for someone.
4. Store your passwords in a secure place.
Don’t keep a file on your computer or in an e-mail folder titled “passwords.” Don’t store your passwords online anywhere, no matter what the folder name. If it’s on your computer, it’s accessible. You probably safeguard hard copy documents (birth certificates, titles, etc.) somewhere – put a list of your passwords (or better yet, password hints) there.
5. Don’t answer security questions or, if an answer is required, fudge it.
Security questions are often the point of entry for hackers. In many cases, your social media platforms provide enough of the background information needed for a skilled hacker to crack your security questions. If an answer is required, pick your second pet or make up a fictional school nickname as a response.
6. Mix it up.
Don’t put everything password-related on the same browser or same e-mail address. Use Chrome, for instance, for your financial Internet usage, and Explorer or Firefox for social usage. Sign in with different e-mail addresses for different sites – that way, if one is compromised, the damage is limited.
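The password habits described at the top of this post and in step 2 can be checked mechanically. The sketch below is an added example, not part of the original post: the `audit` function, the profile field names and the sample profile are all assumptions made for illustration, and the deny-list holds only the passwords named in this article.

```python
import re

# Common passwords named in the article; a real deny-list is far longer.
COMMON = {"123456", "qwerty", "qazwsx", "password", "letmein", "iloveyou",
          "8675309", "ncc1701"}

def personal_numbers(profile):
    """Numbers derivable from the (hypothetical) profile fields."""
    nums = {profile.get("street_number"), profile.get("ssn_last4")}
    dob = profile.get("birth_date")          # assumed format: YYYY-MM-DD
    if dob:
        year, month, day = dob.split("-")
        nums |= {year, year[2:], month, day, month + day, day + month}
    return {n for n in nums if n}

def audit(password, profile):
    """Return a list of reasons the password is weak (empty list = none found)."""
    findings = []
    lowered = password.lower()
    if len(password) < 8:
        findings.append("shorter than 8 characters")
    has_letter = re.search(r"[A-Za-z]", password)
    has_digit = re.search(r"\d", password)
    has_special = re.search(r"[^A-Za-z0-9]", password)
    if not (has_letter and has_digit and has_special):
        findings.append("does not mix letters, numerals and special characters")
    if lowered in COMMON:
        findings.append("on the common-password list")
    names = [profile.get(k, "").lower() for k in ("first_name", "last_name")]
    if any(len(n) >= 3 and n in lowered for n in names):
        findings.append("contains first or last name")
    # Compare each run of digits against numbers tied to the person.
    if set(re.findall(r"\d+", password)) & personal_numbers(profile):
        findings.append("numerals match birth date, address or SSN digits")
    return findings

# Constructed sample data, not from the article.
PROFILE = {"first_name": "Jenny", "last_name": "Smith", "birth_date": "1984-07-21",
           "street_number": "1701", "ssn_last4": "4321"}

if __name__ == "__main__":
    for pw in ("Smith1984!", "qwerty", "NCC1701", "t7#Vq!x9Lm2&"):
        print(f"{pw!r}: {audit(pw, PROFILE) or 'no findings'}")
```

An empty result only means none of the patterns named in this post were found; it is not a measure of how random the password is.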
Even if you follow these six steps, you are still likely to be hacked sometime in your lifetime. However, these measures go a long way toward preventing that day and will definitely limit the occurrences and potential damage caused. Today, the cost of cyber-crime is estimated at over $110 billion. That’s plenty of incentive to keep hackers consumed with cracking passwords, stealing data and worse.
If you have questions about ABC Signup, registration software or password security, please e-mail or call us (866.791.8268x0). We’re happy to share just about anything – just not viruses, worms, trojans, et al.