Your bank data, your accounts, your email, and your life are all wrapped up in your ability to create secure passwords and remember them. And yet most educators (and their students) struggle to remember passwords. With so many passwords stolen, there are things all of us SHOULD know to make our identities and bank accounts safer.
Mark Burnett, author of the most commonly used passwords wordcloud featured on this post, says that the top 10,000 passwords represent 98.8% of all users. (This was said before services like Last Pass began being used.) So this means that if a hacker has those 10,000 passwords and takes a crack at your account, then 98.8% of us are at risk. Wake up and smell the cybercrime, friends. It is time to get savvy.
1 – Never Tape It On Your Desk
Most password theft happens because of “social engineering.” Most people keep their password taped under their keyboard or in the right or left hand drawer or wallet. Get an app like Password Caddy (http://j.mp/pcaddy) on your phone and store your password there, not out where the world can see it.
2 – Switch to a passphrase
Use a phrase instead with uppercase, lowercase, and numbers included. Ilovetofishat6:00am! is an example.
3 – Don’t be obvious
If you look at the worst passwords of 2013 (http://j.mp/worstpass) 123456 and password top the list. (Sunshine and letmein are also in the top.) Don’t use your spouse’s name, kids, grandkids, birthdays, phone numbers or a keyboard row of any kind.
4- Never save your passwords in your web browser
Unless you’re using LastPass or another secure service, this is the worst way to save your passwords.
5 – Have a unique password for your bank and email account NOW
When you sign up for a site that asks for your email and password – DON’T ENTER YOUR PASSWORD TO YOUR EMAIL. It is asking you to set up a NEW password for that particular site. No one will ever ask for your email password. No one.
Your email password and your banking password should be unique and NEVER USED AS THE PASSWORD ON ANY OTHER SITE.
6 – TRICK: substitute numbers and letters
Pick certain numbers to replace letters – like a code — you could always use the number 7 instead of T’s for example.
7 – TRICK: Use the site name somehow in the password
You can have a system for passwords but make them unique by using the site name you’re logging into somehow.
8 – Use a password manager
Many experts are recommending password managers after the Heartbleed bug impacted 60% of e-commerce websites. (http://j.mp/pwdmgr)
Remember that if you mess up and forget your master password for one of these services you’re locked out of everything permanently. You could write it down and lock it in your safety deposit box. One Password, LastPass, Dashlane are 3 good ones. (I use LastPass and love it but it does take some getting used to.)
9 – Use a fingerprint reader
Biometrics or the using of your fingerprint or some other unique identifier related to your biology is definitely the way things are going. I love the fingerprint unlock on my iPhone 5s. (NYMI has a heartbeat sign in tool they say is coming.)
10 – Lock your screen and log out
If you step away from your computer or mobile, set it to lock or log out. This is particularly important for teachers.
If all of this overwhelms you, get LastPass and be done with it. Only .18% of us have completely unique passwords. It is time to wise up – we can do better.
Having a method to remember highly secure passwords will keep you and your loved ones safe. Spread the word.
This article was adapted from one I published in my newspaper column for the Camilla Enterprise/ Pelham Journal.