Tuesday, January 13, 2009

Protecting Your Account with Effective Passwords

I used to be very lazy about my Internet passwords. There are just so many darn sites out there, and you can't really be expected to remember a password for all of them, can you? Then, catastrophe struck one of my friends. She used the same password for Gmail as she used for a bunch of other sites, and one of those other sites was compromised. Spammers ended up spamming like crazy from her account. Luckily, they spammed her husband, which is how she figured out that someone else was using her account.

After that, I went crazy changing my passwords. The most important passwords to keep different, secure and difficult are for your bank, your credit cards, and your email address.

My email, you might say? How could that be as important as my money? Well, what does your bank do when you forget your password? That's right.... they email you the link to create a new one. Keeping your email address secure is a way to keep all your other accounts secure.

What can you do about it?

1. Don't reuse passwords for your important accounts. A password is only as secure as the least secure site you use it on.

2. Make it hard to guess. Again, a password is only as secure as you make it, and if you use the password "password" (which a very surprising number of people do), it's not going to be that hard to guess. Use a mix of letters and numbers, and make it at least 8 characters.

3. Write it down. As I read somewhere once, "we've already developed a system for keeping important, private information secure. It's called a wallet."

4. Get help. I use 1Password, and it generates random passwords, keeps track of stuff, and can auto-fill passwords across browsers. And then I keep the password for 1Password very secure.

There are also lots of passwords you don't have to worry about. Unless you are worried about people masquerading as you, any passwords you need for message boards, photo sites or any sites where you don't have a credit card on record, re-using the same password is fine.

No comments:

Post a Comment