With more and more financial data being stored in and accessed by computers (and even mobile phones), and with untold millions of transactions taking place on the websites of retailers, banks, and others, it has never been more important to practice “safe computing.” The sobering fact is that computer hackers are ever-present online, searching for the vulnerabilities that will allow them to commit the next scam, identity theft, or outright burglary of assets stored in one of your digital “safes.”
It is even more surprising to learn that the vast majority of cybercrimes are enabled by users who employ weak or insecure passwords. Recently, Wikileaks founder Julian Assange claimed that the email account of John Podesta, head of the Hillary Clinton presidential campaign, was hacked because his password was “password.” While Assange’s claim has not been verified, it still points up the fact that far too many users are far too naïve when it comes to protecting their online data and identities.
For example, Forbes tech columnist Yael Grauer posts an annual column of the “Year’s Worst Passwords.” For 2016, the winner was “123456,” long regarded as the worst, least-secure password on the Internet. Why? Because this is almost always one of the first guesses by anyone trying to gain access to someone else’s account. Nevertheless, “123456,” along with “password,” routinely tops the Forbes list–year after year. Apparently, some users are very slow learners.
Furthermore, it’s not enough to alter or add one or two letters to numbers in order to increase password security: hackers are long accustomed to trying “passw0rd,” “p@ssword,” and even “password1.” Patterns generated by your keyboard should also be avoided. “Qwerty,” the first six keys from left to right on the top alpha row of a standard keyboard, is on the “Hacker’s Greatest Hits” list, as is “zaq1zaq1” (what you get when you key the far left column of characters). And don’t even think about using words like “login,” “admin,” or “welcome.” Similarly, your name and the names of your family members–or alphanumeric variants on them–are password no-nos.
Many users have begun employing random password generators, like the one that comes with the Safari web browser that is standard on Macintosh computers. In many cases, these randomly generated passwords can be synchronized across your various devices. Others favor programs that allow them to keep their different passwords in an encrypted–password-protected–“virtual vault,” usually on a handheld device, for easy reference when accessing various secure websites (this also helps to alleviate frustrating memory lapses and the frequent need to reset login information). The important thing to remember, cyber-security experts say, is that a password need not necessarily be random in order to be secure; it just needs to be sufficiently complex (with enough digits, letters, or special characters), and it needs to be hard for anyone but the user to guess. Also, for maximum security online, you should avoid re-using passwords or using the same password for different accounts.
Practice “safe computing.”