Stop! Before you read my post you need to read this article – Kill the Password: Why a String of Characters Can’t Protect Us Anymore. Come back here after you’ve read it… don’t worry, I’ll wait for you. It’s a little long but worth it, I promise.
Welcome back! Do you agree with me that that was the scariest thing you’ve read in a while, maybe forever?
In my professional capacity as a website designer I come across a lot of different passwords. Some are clearly dumb (I was given 1234123 as a password just today), some are pretty well thought out and some are really long! I used to think that my password scheme was pretty good – without revealing my secrets, I use a formula to arrive at a password depending on which site I’m on, so every password is different. Pretty cool, or so I thought.
When you read Mat Honan’s article you realize it doesn’t matter – as long as it’s a text string (which they all are) it can be cracked and hacked. All you can hope to do is slow down the bad guys and take steps so that your stuff doesn’t get wiped from the internet by some malicious teenager. Here are a couple of the tips that I like and suggest you start implementing:
- Don’t use the same email address and same password for every online account. There are still plenty of free email services out there, even beyond the obvious Gmail and Hotmail. Consider a “secret” email account just for password recoveries.
- Back up stuff to more than one place online and make sure you have a physical backup too. Terabyte hard drives are cheap – buy one or more to store all your photos and documents on.
- Give bogus answers to online hint questions. So many hint questions have obvious or easily obtained answers, so using a nonsense answer that only makes sense to you is a great tool to foil the would-be phisher.
Have you had any security issues? If so, how have you addressed them? Leave your comments below.