How secure are your passwords

Every company, organization (non-profit or for-profit), and individual wants to keep the sensitive information on their computers and devices, some of it proprietary to the company, safe from intrusion. That covers trade secrets, strategic plans, personnel records, banking information, and numerous other kinds of vital information. In some cases protecting it is required by federal law.

But invariably hackers and other ne’er-do-wells will get into their systems, create havoc, and be a general nuisance. In reality, in roughly 75% of all cases it is an employee’s or vendor’s fault that an intrusion is made. And while it is the employees who will let them in, it also falls to the C-suite to prevent it with adequate training and by enforcing the policies and procedures of the company; hopefully you have them.

The #1 way for hackers to get into corporate networks, home computers, and other devices is fairly simple: passwords. Being perfectly honest, our employees and even many security professionals are not so smart when it comes to passwords and other such computer security protocols.

The Democratic National Committee was hacked in the summer of 2016, and e-mails between the Hillary Clinton campaign and party officials were leaked. Then John Podesta’s e-mails were also leaked, and these leaks probably cost the Democrats the election. Most people will ask, how did this happen and why was it so easy? The honest answer is very simple.

One person at the DNC headquarters opened a phishing e-mail and hit a link within the mail. That in effect downloaded malware to the network. From there it was a fairly simple matter to attack Podesta’s mail, find his password, and hack his e-mails.

His password? Password.

This also recently happened to several state legislators in Arizona. They opened e-mails on their laptops and hit links within those mails. The link asked them to reset their passwords for a new system within the state government. They complied and subsequently downloaded malware.

So, how can you create passwords that are strong and won’t be forgotten, given the innumerable social media accounts, shopping sites, work systems, and other places that require them? The simple answer is to make each one easy enough to remember and long enough not to be easily guessed by a computer hooligan or software program.

With passwords that are simple yet not easily compromised, you can protect your networks, home PC, and other devices for the most part. There are innumerable other ways to prevent intrusion, but passwords are a start and it is fairly simple. Here are a few examples to use or go by:

Ilovetunafishsandwiches

Cheeseburgersaremy favorite

CheeseburgersinParadise

iL0vemywifeexcexclusively

fluffyisthebestfelineever

 

In addition, you can take your favorite song or band and use them, such as:

CarelesswhisperbygeorgeMichael

Eltonjohnsangbennieandthejets

Modernenglishsangi’llmeltwithyou

Or use your favorite sports team somehow:

Thekansascitychiefsarethegreatest

Royalsofkansascityareworldserieschamps

(Unfortunately some may use this)

Raidersfanuntilidie

americasteamisthecowboys

You could of course use traditional methods and mix upper and lower case letters, symbols, numbers, and so on, such as substituting 1, !, or I for i. Possibly a 0 for an o, or even ! or 1 for an L or l. You could even use a 3 for an E if you wish. These are enough to mess up your English language skills as well as befuddle a hacker. But the one thing that all security professionals will agree on is simple: make passwords as long as necessary to be both difficult for a hacker to guess and easy for you to remember. Keep in mind that a hacker can find a password of five or fewer characters, with available software, within a few hours. On the other hand, it would take more than a trillion years to discover one with 15 characters or more.
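An added example (not from the original post) of the arithmetic behind the length argument above: it estimates worst-case exhaustive-search time from a password's length and the character pools it draws on. The guess rate is an assumed figure, so the results will not match the article's numbers, and the model covers brute force only, not wordlist attacks on real words and phrases.

```python
import math
import string

# Assumed attacker speed, for illustration only; real guess rates vary
# enormously with the password-hashing scheme and the hardware used.
GUESSES_PER_SECOND = 1e10
SECONDS_PER_YEAR = 365.25 * 24 * 3600

POOLS = (string.ascii_lowercase, string.ascii_uppercase,
         string.digits, string.punctuation)

def alphabet_size(password):
    """Size of the smallest set of standard character pools covering the password."""
    size = sum(len(pool) for pool in POOLS if any(c in pool for c in password))
    # Characters outside the four pools (spaces, curly quotes) count individually.
    size += len({c for c in password if not any(c in pool for pool in POOLS)})
    return size

def keyspace_bits(password):
    """log2 of the number of candidates an exhaustive search must cover."""
    if not password:
        return 0.0
    return len(password) * math.log2(alphabet_size(password))

def years_to_exhaust(password, rate=GUESSES_PER_SECOND):
    """Worst-case years to try every string of this length over this alphabet."""
    return alphabet_size(password) ** len(password) / rate / SECONDS_PER_YEAR

def report(passwords):
    """Return (password, length, alphabet, bits, years) rows, weakest first."""
    rows = [(p, len(p), alphabet_size(p), round(keyspace_bits(p), 1),
             years_to_exhaust(p)) for p in passwords]
    return sorted(rows, key=lambda r: r[4])

if __name__ == "__main__":
    # "P@55w" is constructed here; the other three appear in the article.
    samples = ["P@55w", "Password", "1!ilovemycat@2", "Ilovetunafishsandwiches"]
    for p, n, a, bits, years in report(samples):
        print(f"{p:26} len={n:2} alphabet={a:2} bits={bits:6} years={years:.3g}")
```

The short password with every substitution trick sorts below the long all-letter phrase, which is the point the paragraph makes about length.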

And if you have so many accounts, and consequently that many passwords (which you should), that you can’t remember them, use word association and a numbering system:

Twitter: 1!ilovemycat@2

Facebook: 2@ilovemycat3#

Instagram: 3#ilovemycat$4

Linkedin: $4Iamthegreatestsecurityproever%5

And on and on. Of course you’ll want a bit more complicated than that but you get the drift of what I’m trying to demonstrate.

Lastly, about those phishing mails you may get… If you don’t know who sent it or why they are sending you a mail with nothing but a link, if it has a non-personalized greeting, or if it doesn’t sound like the person you thought it may have been, send it to spam or delete it and don’t, I repeat don’t, hit the link for any reason. On the last hand, this link for my Facebook page is perfectly safe to hit, if you’re on Facebook!

Facebook.com/oneistoomany or Twitter: @robertsollars2

I May be Blind but my Vision is Crystal Clear
