My F&M

Creating the Perfect Password

Share This Article

With the end of the second quarter, we offered something new, the ability to access investment appraisals on-line. This is just the beginning of what we plan to have available on-line. Over time there will be an archive of appraisals and in the future financial planning reports will also be available.

Use of the internet to access personal and confidential information is rapidly growing. Bank and investment accounts, bill pay, and personal medical information are all available on-line. Unfortunately there are individuals, known as hackers, who attempt to access private information by cracking passwords. The following article includes tips on creating secure passwords.

First, it is important to understand a few of the ways hackers crack passwords. They can use the dictionary method, which compares a list of words, character combinations, or phrases until a match is made. This method can take time. A more effective way of finding out a password is through social engineering. This method encompasses several different tactics but the underlying idea is the same; collect bits of data in various ways until enough has been gathered to access accounts or information. One way is to search personal things and find the hidden password (i.e. under a keyboard, in a desk drawer or the trash). Hackers will also use phone calls or e-mails that appear to be from someone else (i.e. your credit card company) to request confidential information. They will then use this information to attempt to crack the individual’s password. So does all of this mean that we should not use the internet to access personal information? No- remember mail fraud is also a concern. What it does mean is that we need to be smart when creating our passwords.

Passwords should not be words found in a dictionary, proper nouns, foreign words, or words with numbers added on to the end. Furthermore, avoid taking a word and simply writing it backwards. These are all ways that are easily cracked. Avoid using any personal information. Examples include the following: social security numbers, phone numbers, important dates such as birthdates, address information, and names of children, spouse, or pets. Also, do not use a variation of your login for a website as your password.

When looking at the list of what not to do you are probably wondering how anyone can create a password that they will remember and that is difficult to hack. Actually, there are just three main things to remember: length, width, and depth. First, consider the length. The longer the password is the better. Passwords at a minimum should be six to nine characters long. Second, the width of a password refers to characters used in the password. Mix up the password using letters, numbers, and special characters or symbols. Also, use both upper and lower case letters. The greater the variety in the password the harder it is to crack. According to Microsoft, a password that is eight characters in length and utilizes lower and upper case letters, numbers, and symbols can take at least two years to crack!! The third thing to remember is depth. Depth refers to creating a password that is not easily connected to you. Another way to put it is a good password is easy to remember but difficult to guess. One way to do this is substitute letters with numbers or characters. If you know a phrase, a line from a song, or a short quote that you will remember consider using the first letter of each word from the phrase and substitute some with characters and numbers. For example, consider these words from a song, “Raindrops on roses and whiskers on kittens”. This phrase could become the password R0r@W*k.

Once you have created a new password, change it frequently. At a minimum, passwords should be changed at least annually but several experts recommend quarterly. Another recommendation is to not use the same password for different accounts or websites, to avoid a hacker potentially gaining access to all of your accounts. Finally, do not store your passwords in a file on your computer or post them around your computer. The best thing is to remember them but if you must write them down store them in a safe location that is not easily accessible by others.