In today’s world you need a password. For every website, service or application that password should be different from all the others in case someone was to guess or break into that single password. Everything online wants a password and a lot of like your bank, Amazon, eBay, BestBuy, your hosting company for your website, your internet provider and lots of others can hold your credit card online. Sure, they can’t get the number and maybe they want the CVV number from your credit card to make purchases. On the other hand, what if they don’t.
In today’s world you need to pay attention to your passwords and honestly, 99% of the people aren’t.
The Password Problem
I talk to a lot of people. I’m an IT consultant so I am an IT Administrator for hire. I have a nice user base and I make sure their computers, their network and there way they make money works. Not one in the day to day world is taking the time to follow strict password guidelines.
What it takes to make a decent password
I see people who don’t have capital letters in their passwords. This is bad, make your passwords hard. Use at least one capital letter in your password – no matter what. Use two, because – it’s protecting your stuff. You should be able to press shift twice to ensure your basic defense is covered.
Come on people. If your going to use capital letters, make sure you put in 1-4 numbers. I hear passwords that are one word and I tell them it’s password and it’s terrible. You know you should be doing it. Now is the time to start.
I know you hate them. I know you don’t like to type in strange characters like:
I get it, but you will once your know how to use them. Just put two in at the end of your password. Try something like BobsPassword4**. If that is your password, as working IT administrator – I will never give you a hard time for this password.
Don’t use the top easy passwords
Do not use the top easy passwords. Here is the list.
1. 123456 (Unchanged)
2. password (Unchanged)
3. 123456789 (Up 3)
4. 12345678 (Down 1)
5. 12345 (Unchanged)
6. 111111 (New)
7. 1234567 (Up 1)
8. sunshine (New)
9. qwerty (Down 5)
10. iloveyou (Unchanged)
11. princess (New)
12. admin (Down 1)
13. welcome (Down 1)
14. 666666 (New)
15. abc123 (Unchanged)
16. football (Down 7)
17. 123123 (Unchanged)
18. monkey (Down 5)
19. 654321 (New)
20. !@#$%^&* (New)
21. charlie (New)
22. aa123456 (New)
23. donald (New)
24. password1 (New)
25. qwerty123 (New)
Think like someone is always trying to guess your password
If you have one of those as your main password, you are going to get hacked. If I was a hacker and I was going to use tools to guess passwords. I would download a list that contents the top 50,000 easy passwords and try and guess it. We will always try and use the easy way against you. If I can use my beefy computer to site their and try and guess your password for 3 days – there is a chance someone will get it.
Don’t use rolling passwords
On that topic of guessing passwords, please don’t use the same password and just roll the ending number. Don’t use Password1 for January and Password2 for February. This defeats the entire reason that policy was put in place for in the first place!
Why a password manager is pretty much a must.
When you are using a password manager you can have random password for all your accounts. This way your passwords are always complex and different between sites. Most password managers give you the ability to randomly reset passwords, so if you feel your password has been compromised you can just get another one.
When your password manager is configured correctly, it will auto login to websites for you. You will start to forget what typing a password in is like.
Saved browser passwords aren’t secure.
People seem to think that saving passwords in your browser is safe, it’s not. If someone gets in front of your computer, or uses tools to recover the browser password, they will get them quickly. On the other hand, a password manager requires another layer of authentication. If you reboot your computer, you must enter your password for the password manager. A password manager will also encrypt your passwords on your computer, so the password store is protected against attack.
HI! I’m Dave – I am an old school / hardcore computer geek. I’m also the General Manager at Dataforge. I am big into IT and small business development with technology. I want your business to grow and in turn, let me support your business and implement cool IT solutions. Dataforge is a family owned and operated computer repair and IT Services Company that covers Burlington, Hamilton, Oakville, Milton and the Greater Toronto Area.