Passwords

Passwords are the keys to protecting our safety, offline and online, and can make the difference between info that is safe and info that is in the hands of bad people or, even worse, the IRS. ;)  Worse than that people can do all sorts of bad things in your  name if they can access your accounts, email, etc..  They can send email in your name, access your financial accounts, make purchases, incriminate you, send viruses, make phone calls, and much more.  Worse,  they can do things that will ruin your reputation, cause you to lose your job, or even be wanted by the police.  For that reason it is of the utmost importance that you make sure that any password you use is unique and difficult to figure out.  Most of the time they will NOT lock you out of access to your account by changing your password because then you'll KNOW something's wrong.  Remember how many people have been undone in the movies because their password was too easy?  That really does happen and it could be you.

To drive the point home I'll give you an example.  When I first started using BBSes (Bulletin Board Services) I only used one password.  Unfortunately, the systems operator (SysOp) of one of them was a criminal.  He used my password to access other BBSes he knew I frequented to post various messages.  This was just before he was arrested for being involved in a credit card number racket in which he and his partners bought things using CC#s obtained by a member who worked at a gas station who would keep the CC receipts.  Fortunately, I wasn't a victim of his CC racket but I did fall victim to what he did using my BBS accounts.  He insulted people, exceeded quotas for various things, and posted messages all in my name.  I was almost evicted from at least one BBS because of what he did.

One further example comes from the time when I was running a BBS myself.  My account, and those of my co-SysOps, were safe due to requiring three difficult passwords, but the regular users tended to fall into the habit of being lazy about their passwords.  A pair of hackers (whom I actually knew) attacked my BBS, found the accounts of lazy users, compromised them, and used them to cause all sorts of mischief for those unfortunate users.  It caused me a LOT of stress and problems.  They couldn't do any real damage to my computer or the data on it but they were able to erase a lot of valid messages by inputting a lot of garbage messages.

There are a few simple rules to follow to ensure you have a difficult password:

1) DON'T use a word or number that people would easily associate with you.  For instance, if you're a smoker don't use the name of your favorite brand of cigarettes.  If you have a favorite candy don't use its name.  If you have a favorite dish you like to eat don't use its name.  Don't use phone numbers, house numbers, zip codes, area codes, birth dates, anniversary dates, etc.  Not even if the number or date is for someone you know!

2) DON'T use your name, the name of anyone you know, are fond of or idolize.  If Elton John is your favorite singer it's best not to use his name.  In fact, don't use any names at all because, almost inevitably, you'll choose it because you like it for some reason.  Or perhaps because you hate it.

3) In other words, don't use anything associated with anything you like, hate, love, enjoy, are interested in, are obsessed with, or otherwise care about in one way or another.

4) DO use a combination of words, letters, numbers and characters.  If it's completely random that's the best possible password.  Most people have trouble remembering those so the next best choice is to use words and letters (and, although some places don't allow it, characters [eg: !@#$%^&*()_+]).  Even better, if you can use a language other than your mother tongue, that is much preferred.  Languages that are not official primary or secondary ones in your country are best when possible.  An example would be "asante56!bitte".  You can also replace letters in words with numbers that resemble them.  EG: 1=i, 3=e, 5=s, etc.

5) When following the above rules DO include things I haven't mentioned that common sense dictates should be included.  For instance, I didn't mentioned your Mother's maiden name or your ID number but those are definitely ones to avoid!

6) Size DOES matter...when it comes to passwords.  Make your passwords long - as long as is allowed.  The more characters in your password the harder it will be to figure out.

Obviously, these rules cannot protect you against every circumstance.  They can, however, go a long  way towards preventing problems.  Use your common sense - even if there's nothing you think is worthwhile about your accounts there are hackers, phreakers, pirates and other characters out there who will be quite happy to compromise your security.  Any security.  Be smart.