Internet security plays a far more important role in many people's lives than they realize. Many people use passwords for numerous websites in their daily lives, without understanding or appreciating the ramifications that a good or bad password can have. Identity theft, or theft of other sensitive personal information is increasingly prevalent in today's digital epoch, and most of this is due to individual ignorance or nonchalance. This article will provide you with guidelines to maximize this particular aspect of your digital security.
Do not use common words or phrases
Hackers attempting to break passwords can use software that uses preprogrammed lists and combinations of common words or phrases. If your password is based on something common such as a word in the English language, or a slang term, a hacker could literally break through this in minutes in some situations.
Do not use a password based on your personal information
Many people use passwords based on the name of their children, pet, spouse, place of birth, place of residence, etc. Information such as this is typically very easy for hacker to access online, especially if you utilize social networking sites such as Facebook or Myspace.
Use separate passwords for highly sensitive areas
A good practice is to have a common password that you use for everyday use, and a separate password for important things like online banking, or your stock trading account. Most people use the same password for all websites. Hackers know this, and will attempt to use a method known as phishing to get you to voluntarily supply your password without being aware of what is going on. If you use a single password for everything, then a hacker need only obtain your password to one of the dozens of websites that you may use in order to access all of them.
Examples of how you might unknowing supply your password to a malicious recipient are registering at a website that is not reputable, or through tricks to make you think that you are at a popular, established website such as Facebook, when you are really not. Using separate passwords is a way to guard against this possibility, in case you unknowingly supply your password to a malicious website.
Use combinations of letters and numbers that are not common
Using combinations of letters and numbers is more secure than using numbers or letters alone. If you are good at memorization, this can be a completely random sequence such as aet773bytu. If you are not so good at memorization, write your password down somewhere safe, or use combinations of letters and numbers that will be easier to remember.
Be careful when storing passwords on your computer
Storing passwords on your computer, especially sensitive ones, can be a big no-no for ideal digital security. This includes using the option to save your password in your internet browser. One of the major types of malware/computer viruses in existence today focuses on finding sensitive information, through means such as searching common methods that people use to store personal information on their computer. Once it has found this information, it can send it over the internet to another person, often without your knowing.
To store password information securely on your computer, type them out on a notepad or wordpad document. Do not name the document something obvious such as passwords, or website login info. Any intelligent hacker will program their malware to search for things like this. Use an unrelated name, such as tree gardening notes. For more security, encrypt this file using password protection, and keep this password in a physical location that is safe from attack via the internet. Another good technique is to type out the password information in cryptic language that is easy for you to understand, but would be meaningless to another person.
Be careful about secret questions
Many websites use secret questions that you can answer to retrieve your password if you forget. Having a strong password will not do much if your secret question is something simple that anyone could look up online. If a website gives you an option to make your own secret question, use this option and use a question that is easy to remember, but that only you could possibly know. Sometimes, websites do not give you this option, and force you to pick from a secret question that is very weak. If this is the case, it may be better to enter a random string of text that you will not remember but that hackers will not be able to figure out either.
How Hackers Steal Passwords
Brute Force
This method uses programs to try thousands of combinations per second, using things like common word lists to assist it, until the correct combination is found. If your password is a common word like mountains, it can be extremely vulnerable to this type of attack. The password mountains would survive about 10 seconds under this type of attack.
Social Engineering
This involves gaining access to people's personal information through creative means. For example, if your secret question on a website involves your pet's name, a simple social engineering approach might be to find out whether that person is a member on any pet-related websites. You can do the math from there.
Phishing
This was mentioned earlier in the article. But in the broadest sense, phishing involves getting you to ignorantly submit your password. There are numerous methods through which this is attempted, but the defense against all of them is the same: Be careful of where you enter your password.
Computer Malware
Most people who use the internet will end up getting malware sooner or later. Hackers often write pieces of malware which they spread out across the internet. When this finds its way onto people's computer, it will use a variety of means to try and gain personal information. Some malware will search through common locations for saved passwords, as was mentioned previously. The defense against this is through doing appropriate research to beef up your computer security, though tools such as antivirus/antispyware software, firewalls, etc. This is outside of the scope of this article, but it is important to be aware of, because the strongest password is meaningless if malware can discover what that password is by probing your computer.
Conclusion
Most people who use the internet are far less diligent than they should be when it comes to security measures such as passwords. The internet is not a scary place, if some basic precautions and diligence is utilized. The technology underlying most of the internet is actually extremely secure, in of itself. Most internet horror stories occur because people were careless, or refused to take 5 minutes to learn basic security measures. Follow the guidelines detailed in this article, and your password security will be better than the vast majority of internet users today.