Password Do’s and Don’ts
by Dharma Kelleher
Hacking happens. There are people all over the world who would love to break into your online accounts. Even your social media accounts can give illegal hackers valuable bits of information that can allow them access to more sensitive accounts like your bank or credit cards. The best way to keep them out is to follow best practices when it comes to your passwords.
It boggles my mind that people still use passwords like PASSWORD, PASS1234, 12345678, QWERTY, etc. They also use normal dictionary words, names, and dates.
Most serious illegal hackers use programs that can make multiple attempts per second, using a database of common passwords, names, and words from the dictionary. Hacking such passwords is child’s play. Ideally your passwords should comprise a random string of letters (caps and lowercase), numbers, and symbols.
Do Use a Password Vault
There are a number of programs called password vaults that will store your passwords for the different accounts you use. Some work on your entire device, others on just a specific web browser like Firefox or Chrome. The advantage of using a password vault is that it will store all of your passwords for you. Most also come with a password generator that creates passwords from random strings of letters, numbers, and symbols.
The more complex your password is, the harder it is to hack.
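As an added example (not part of the original article), the Python below shows what a vault's password generator does and checks a password for the weak choices this article warns about. The symbol set, the 12-character minimum, the deny-list contents and all function names are assumptions made for illustration.

```python
import math
import secrets
import string

# Constructed sample deny-list: the weak passwords the article names, lowercased.
COMMON = {"password", "pass1234", "12345678", "qwerty"}
SYMBOLS = "!@#$%^&*()-_=+[]{}"  # assumed symbol set; sites differ in what they accept
CLASSES = [string.ascii_lowercase, string.ascii_uppercase, string.digits, SYMBOLS]
ALPHABET = "".join(CLASSES)
MIN_LENGTH = 12  # assumed minimum, not a figure from the article


def has_all_classes(password):
    """True if the password has a lowercase letter, a capital, a digit and a symbol."""
    return all(any(ch in cls for ch in password) for cls in CLASSES)


def generate_password(length=20):
    """Return a random password that contains every character class."""
    if length < len(CLASSES):
        raise ValueError("length too short to include every character class")
    while True:
        # secrets draws from the OS CSPRNG; the random module is predictable.
        candidate = "".join(secrets.choice(ALPHABET) for _ in range(length))
        if has_all_classes(candidate):  # retry keeps the remaining choices uniform
            return candidate


def entropy_bits(length):
    """Approximate guessing cost, in bits, of a random password of this length."""
    return length * math.log2(len(ALPHABET))


def weaknesses(password, username="", wordlist=COMMON):
    """List the reasons a password would fall quickly to automated guessing."""
    found = []
    if password.lower() in wordlist:
        found.append("common password")
    if username and password.lower() == username.lower():
        found.append("same as username")
    if not has_all_classes(password):
        found.append("missing a character class")
    if len(password) < MIN_LENGTH:
        found.append(f"shorter than {MIN_LENGTH} characters")
    return found
```

A real deny-list would hold far more entries than the four used here; the check works the same way with a larger set.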
Don’t Reuse Passwords on Multiple Accounts
Using the same password for multiple accounts makes it that much easier for a hacker to get at the good stuff. Every account a hacker has access to can potentially provide key information (favorite pet, first grade teacher, mother’s maiden name) allowing access to more sensitive accounts. Using a password vault helps avoid this trap because you don’t have to remember which password you used for which account.
Don’t Use Your Username as Your Password
Just don’t! It just makes the hacker’s job easier.
Don’t Use Usernames like “Admin”
At one time, the default username for WordPress and other apps was “admin.” But using this as your username means the hacker can focus on your password that much more quickly.
Beware of Phishing
Every once in a while, I’ll get an email that purports to be from PayPal, claiming that my account may be at risk. It looks just like a real email from PayPal – with all the right graphics.
The temptation is to click on the link in the email to take care of the problem. But the reality is that this is a form of social hacking called phishing. The link is to a site that looks a lot like what it claims to be, but really it’s a site designed to steal your information. You sign in using your username and password. Now the hackers have all the information they need to empty out your PayPal account.
Hackers use phishing for a number of different types of accounts, including bank accounts and social media. The best way to avoid the risk is not to click on links in emails. Just log on to your account directly from your browser. Also be sure to report any phishing emails you receive to the real website.
Make Life Hard for Hackers
There is still no guarantee you won’t get hacked. But don’t make the job easy for the bad guys. Following these precautions will reduce your chances of getting hit.
Dharma Kelleher writes gritty, engaging fiction about gay, trans* and queer-identified characters. She works as a professional web developer for ZenPunk Web Works. Her hobbies include riding motorcycles, making snarky comments on Facebook, and shocking people with her latest haircut. Learn more about her and her writing at dharmakelleher.com.