Archives
PUBLISHED: 4:44 PM on Wednesday, August 13, 2008
Dollars & Sense: Create secure passwords
It's virtually impossible to function without passwords today. With everything from medical records to banking information available online, those alphanumerics can mean the difference between a clean credit report and an unpleasant surprise on your next ATM receipt.

But coming up with a password that is somewhat hacker-proof and that you can remember is not easy.

Microsoft did an extensive survey recently, obtaining data from more than half a million users over a period of three months.

Some findings:

The average user has 6.5 passwords, each of which is shared across 3.9 different sites.

Each user has about 25 accounts that require passwords and types an average of eight passwords a day.

The overwhelming majority of users choose passwords that contain lowercase letters only (i.e. no uppercase, digits or special characters) unless forced to do otherwise.

Computer safety experts say a strong password should appear to be a random string of characters to an attacker. It should be 14 characters or longer (eight characters or longer at a minimum). It should include a combination of uppercase and lowercase letters, numbers and symbols.

OK, but how am I supposed to remember that?

Modifying a word or phrase with numbers, upper and lowercase letters and symbols can help, said Derek Dodson, an agent with Geek Squad.

If you follow some basic rules, your password will be pretty safe, he said, adding that other precautions should be in place.

"If you have a good virus and spyware protection and a good firewall, you shouldn't have any worries," Dodson said.

Even if you're like me and use the same password for everything. Dodson suggested testing out your password at a Microsoft site that checks its strength against hackers.

I went to www.microsoft.com/ athome/security/privacy/password_checker.mspx and typed in a made-up password, boobookitty. (TV trivia buffs will recall that's the name of Shirley Feeney's stuffed cat from the sitcom "Laverne and Shirley.")

Even though it's probably not in the dictionary, that password registered as weak. I added a number at the end, and I was upgraded to medium. Changing some lowercase letters to uppercase (BooBooKitty1) put me at strong. By adding numbers between the letters and adding a symbol (Boo1Boo2Kitty@@), I got a "best" rating.

Another password checker site, passwordmeter.com/, wasn't as kind.

It gave me 0 percent approval for what Microsoft considered near perfect. I was downgraded for my repeat characters and consecutive lowercase letters. It did acknowledge that I had some uppercase letters, numbers in the middle of the password and symbols.

After some tweaking, B0o&K1TyE9c@ garnered a perfect rating.

According to Dodson, this type of password should keep my personal information safe. And to avoid forgetting it, he suggested writing it down.

In general, passwords written on a piece of paper are more difficult to compromise across the Internet than a password manager, Web site or other software-based storage tool.

Most important, treat your passwords and pass phrases with as much care as the information they protect.

Arlinda Smith Broady can be reached at arlinda.broady@ savannahnow.com.

Creating a password

Geek Squad offers these tips to keep your data secure:

Do not use single words you find in the dictionary. One of the most basic hacker tactics is known as a "dictionary attack," where an automated program will attempt the words of the dictionary. These simple passwords are particularly vulnerable.

Take advantage of the shift key, and use the available characters in addition to numbers and capital letters.

Avoid personal details such as a home address, a birthday or children's names. This information is surprisingly easy to get, and hackers targeting you specifically will likely attempt it.

Here's the full list of PC Magazine's Top 10 passwords to avoid:

password

123456

qwerty

abc123

letmein

monkey

myspace1

password1

blink182

(your first name)


Loading...