A few months back we discussed On-line Safety Habits… this week we dive a little deeper into Password securities.
We all have to remember numerous passwords to access our personal and professional accounts; one for Windows, one for e-mail, one for SalesPad, ADP, online banking or bill paying, etc… the list appears to be never ending. And in most cases to make it easy on us to remember, we use the same one wherever possible…..
Now I am the last one to talk about the latest tech gadgets or computer security systems out there, so I asked our own Web Developer, Anthony (aka. Falls Geek) for his advice and below are a few of the many password protection and manager programs out there to help you protect your accounts.
First one is KeePass. It is a free open source password manager, which you download to your computer to manage your passwords. You can put all your passwords into one database, which is locked with one master key or a key file. So you only have to remember one single master password to unlock the whole database. That password is a Master and should be treated like a Willy Wonka Golden Ticket!
Now when I first heard that, I was skeptical.. Having all my password trusted under one program? Scary… but Anthony says these sites are heavily protected and very secure. The databases are encrypted using the best and most secure encryption algorithms currently known (AES and Twofish). I guess those mean something good to those in the Techno world!!
This master password or key phrase should be something unique that you know and can easily remember. Forgetting it could be disastrous. It should not be something easily deciphered like your name and birth date. See below for a little bit of key phrase or password creation logic.
Now one key point Anthony stressed was that once you enter into these programs, you should always use different passwords for each account.
Here is how Anthony explained it to me.. (paraphrasing) Hackers are pretty smart…. Let’s say they somehow get access to your “Sears” account and obtain your “Sears” password. If you used the same password on your “Discover” card account, through a few simple clicks and meshing your name or account info they go from the hacked Sears account to having access to your Discover account before you even know it. Using the same password on all your accounts can be a very serious problem. Especially if you used your same password for your email account !!
Do not reuse your email password for any other account… one of the most important passwords is your email password. Most all on line account have a “Forgot my Password” function. See where I am going here? They attempt to access one of your many online accounts using what they suspect is your password, using a unique password may keep them out for now, but if that fails, they fall back on the Forgot my password button….. and VIOLA!!! They send a new password to the email account they already have access to and change your password, locking you out and them in!
There is also a similar service by the name of Lastpass, which handles the similar basic functions as above for free, but they also offer a premium account you can buy for $12 a year. You can see more info on this service by going to https://lastpass.com/
Now for a little Master Password logic…
Below are two examples of Password creation and memory logics. Using “Bits of Entropy” to figure out the complexity of your password.
The first is what most people would call a secure password. A unique word with letters; both capital and small, numbers and symbols. Now I’m no Sheldon Cooper, so there is no way I’d figure it out, but to the Hackers and all the fancy programs, that passcode could be broken in matter of days….. Like they’re gonna spend that much time to get the $4.31 left in my checking account.
Now the second set of logic which is much more secure is simply made up of four random words you select that you can remember in a phrase, question or picture format….
By the way, I had to look up the definition of “ENTROPY”, the second definition made the most sense to me.
- A thermodynamic quantity representing the unavailability of a system’s thermal energy for conversion into mechanical work, often interpreted as the degree of disorder or randomness in the system.
- Lack of order or predictability; gradual decline into disorder.
Imagine how great the world would be today if all the hackers out there used their extraordinary talents to benefit humankind rather than take advantage…