Submitted by John Snelling on Tue, 2009-02-10 12:00
Before I get into what to be aware of in terms of spam, virus and other dangers to your online existence, I wanted to touch on a very important topic — passwords. I can not go on enough about how important it is to have a secure password for any of your online uses. I will describe later what makes a secure password, as well as some do’s and don’ts when choosing a password.
So what makes a good password? A good password first and foremost is something you can remember. If you can’t remember the password, it will not do you any good. If you are afraid of forgetting your password write it down, but don’t write it in an open plain sight area. For instance, don’t write it on your monitor or keyboard. I know this may sound like a given, but in my line of work I have seen it many times. Instead, put the password on paper in a sealed envelope in a locked drawer, or, better yet, a safe. You can now find many lockable money drawers. Also, do not store your passwords in an unencrypted text file on your computer or the internet. This includes Microsoft Office documents, PDFs, email, etc.
Next, a good password is something that is secure. Well, what makes a secure password? This definition might be different for every site or service you use. For instance, some sites require or allow capital and lower case letters, numbers and symbols. A secure password would not be your first, middle or last name. As a matter of fact it should not be a word in any dictionary. Dates are also a bad idea. For instance, june1981 or june5 would not be a good idea. Your password should be a mix of letters and numbers at the very least, and if you can remember them, put in special characters. Also, a minimum of 6 characters is a good length to start from.
I was once given a tip from an important person to my IT career path. It was in a class that I probably shouldn’t have taken but am reminded daily of how lucky I was to take it. The tip was this: “Take a poem, a sentence or a line of text. Write it down, then take the first letter from each word, write them down.”
So based on this idea, if we used the sentence:
“In each of us two natures are at war.”
We would get the password ieoutnaaw. Now this password would not necessarily be the most secure; it is over six characters, but it does not contain a number or a special character. What I would do next is convert number sounding words to the number itself. For instance, two, too, or to become 2, one would be 1.
I also break up compound words with numbers into a letter and the number. For instance, everyone would be e1, into would be i2. So with this idea we could turn the previous example into ieou2naaw. If you wanted to make this even more secure, you could take words like at, pound, dollar, percent, and star into @, #, $, %, and *. You could also use questions and exclamations instead of sentences.
Take the following question:
“Can I call you from time to time?”
It could be cicyft2t? You can also change words that sound like letters into those letters. For instance you becomes u and eye becomes i. Using the last question you might use cicuft2t?
One last suggestion on password letter choosing. If you have a letter that should be capitalized in your sentence or question, capitalize it. In the previous example your password would be CIcuft2t? I tend to not capitalize the first letter. So my choice for this password would be cIcuft2t?
If you are a touch typist, you should try to memorize where the keys are for your password. This way you can type your password without hunting for the keys. This is so you can cut down on your chances of having your password stolen by someone looking on. If you have someone looking over your shoulder your password could be compromised. Along these lines, do not tell anyone your password. Think of it as your
checking account and routing number – you wouldn’t hand that out to anyone. The same would go for your password.
Finally, when using your new password online, don’t use the same password everywhere. I know this may seem a bit eccentric but as anyone watching the news in the last year knows that company IT security is not always the best. This means your password could be stored in a plain text database or somehow otherwise compromised. If you use the same password in every location, other data stored with your password (checking account number, credit card, or other info) could lead a hacker to find your other accounts.
I realize that this has been a long read, and I thank you for sticking it out. If you have any comments, questions or concerns please don’t hesitate to contact me directly, or use The Connected Parent Contact Form and one of our authors will get back to you as soon as possible.