With all the talk of “the cloud” and of privacy violations and “hackers”, we often put the burden and the blame on Web sites when something goes wrong – like when Hotmail, Yahoo Mail or Gmail accounts get “hacked”. We hate words that are so ambiguous. You may as well substitute “gremlin” or boogeyman for “hacker” – they mean nearly the same thing they way the term “hacker” is used by most.
If an email account is hacked, 99.9% of the time it’s because the password was so weak, even a 4th grader could have guessed it. Everyone wants someone else to blame for whatever goes wrong – we live in an age where taking personal responsibility is becoming more and more rare. It would be wonderful if we lived in a world where everyone looks after one another, but we don’t. It’s not that way in real life, and it’s even less that way on the Web. Anonymity and easy access, make robbery and theft easier to get away with on the Web.
A great majority of users continue to use one password for every site. And most users use simple passwords – like “password” or “123456” or jean57 or martin36. Those are not strong passwords. A strong password looks like this: #n9!74ef4hwV – or this: XiMDBJ5rm09e . It would take a criminal less than 30 second to crack a password like jean57 – but it would take a criminal a trillion years to crack jeKtpiV6zS59iM .
Create Random Strong Passwords
Once again we remind you that it’s great to use an online password generator to generate strong passwords, but in order to remember them, you’d have to write them down, or copy/paste them to a Word doc or text file and store it unencrypted on your computer. Do you really think that’s secure? What does common sense tell you?
We urge you, we implore you, (we’d grab you by the hand if we could) to install a good password manager. If you’re looking for a good password manager that is free and stores an unlimited number of logins – you could not do better than LastPass. It’s free, it has a built-in password generator – that not only generates extremely strong, complex passwords, but stores them encrypted – and even fills in Web forms for you automatically. LastPass also has other features too – like Secure Notes where you can store sensitive date – like credit card numbers in encrypted form.
Do NOT use your name, dictionary words, or simple passwords like 1234567 or 7654321 for your passwords. NEVER use the same password for more than one account. Always use strong passwords for everything.
And remember: If you are storing your passwords in your browser, on paper, in a emails, in text files, Word docs or your Google Docs account, or in any unencrypted form, then it doesn’t matter how strong your passwords are – you are taking a huge risk.
Don’t abdicate your personal responsibility when you’re on the Web. Take charge. Security begins with YOU. Don’t be like the “Nowhere Man” and “leave it all for somebody else to lend you a hand…”