Friday, March 22, 2013

We know all your passwords (so create better ones)

 
Identity theft isn't anything new — be it a pickpocket on the street, a crooked waiter copying down credit card info at a restaurant or someone looking over your shoulder to see your PIN at a bank machine.

Increasingly, however, identity thieves are find it easier online, sending out "phishing" scams, Trojan viruses or other high-tech means to retrieve information you type on a public computer's keyboard.
Reduce the risk by creating good passwords for all your online activity and managing them all in a smart way.

Create a solid password

The first line of defense is creating a strong password, whether it's to unlock your computer or smartphone, protect your wireless network or log in to websites, such as your online banking site.
First things first: Don't use common passwords like, er, "password" or "letmein" or "123456." Also resist using your phone number, kid's or pet's name or birthdate as each of these can easily be guessed by malicious types.

Instead, a strong password is at least seven characters long — though some experts say even longer -- and should contain a combination of letters (some uppercase), numbers and symbols.

Alternatively, some people use a string of words together to make it easier to remember, such as "littleredridinghood" or "brassmonkeyfunky." As password like this is much easier to remember than something like "J7e&j!sxL."

If using a public computer at a library or airport lounge, be sure you don't accidentally click "Remember my password" as the next person who sites down — and checks their Gmail, for instance — might see all of your confidential messages.

Speaking of Gmail, if it's offered, use two-step authentication, such as opting for Google to text you a short verification code to gain entrance to a service; you can also download and install the Google Authenticator app on your iPhone, Android or BlackBerry. Many other companies are using two-step authentication, as well.

While we know it's a drag, be sure to also lock your smartphone with a PIN, password or gesture. Facial recognition apps, such as what's in the new Android 4.0 ("Ice Cream Sandwich") platform can often be fooled by holding up a photo of the person to gain entry.

Managing all your passwords

Because you use passwords for so many different things today — and it's not recommended to use the same password for everything, for obvious reasons — there are a couple of ways to manage your passwords.

You could use a password manager on your computer or mobile device. An app called SplashID Safe ($10 to $30, depending on the version), for example, requires you to remember one single master password -- and then you can access all of your other passwords organized by type and category. The password manager can then even log you into websites so you don't have to type usernames and passwords over and over again.

If you don't want to go that route, you could come up with a system to better remember passwords for each of your online accounts. You can do this by adding a relevant letter to the front, middle or end of the password -- such as "B" for banking, "S" for shopping, "F" for Facebook or "D" for an online dating site.

Change up your passwords every couple of months, if not sooner than that, to keep malicious types on their toes.

Never share your password. A 2011 survey found tweens and teens frequently give out their passwords to friends and don't change it after they've had a falling out.

No comments:

Post a Comment