Most of us are security conscious on several levels; we lock our homes and cars, we are cautious about our surroundings when walking in public areas, we make sure to keep our identifying documents (driver’s license, social security card) secure, and we shred any documents that might lead to our identification being stolen. Unfortunately, many of us are not nearly cautious enough when it comes to our online security.
The best line of defense against computer hacking of your online information is he use of strong and secure passwords. Most of us are already aware of this and know the basic “don’ts”:
· Don’t use names, dates, or other easily guessed passwords such as “password” or sequential numbers or letters.
· Don’t use the same password for different sites.
· Don’t write the passwords on a sticky note kept on or near your computer.
· Don’t allow your browser to remember your password.
Many of ignore this good advice because it is just so much easier to use passwords we can easily remember. If we do start using different passwords for different sites, then we may just allow the browser to save them for us because we cannot easily remember all of them. As we do more and more on the internet, there are more and more passwords to keep track of and it’s easy to become lax about password security.
Hackers use several methods to try to guess your username and password:
1. The use of automated software to try every possible character combination. They start with the easiest and most commonly used combinations. This software will eventually hit on your password but the longer your password is, the longer it will take. Using complex passwords will offer the most protection from this type of brute force attack.
2. Some hackers use a defined dictionary of the most common password combinations. This is the easiest to defend against with the use of complex passwords.
3. Another method is the use of phishing or social engineering. The emails you receive that try to scam you into accessing your account via a link in the email is called phishing. The attempt to get you to reveal your personal information over the phone is called social engineering.
Some tips for maintaining a secure online presence are to make sure your passwords are long and complex using 12-15 characters and using a mix of numbers and letters without bunching the numbers at the beginning or the end. One way to create a password that is hard to guess is to use a phrase that does not include any personal information. An example would be “p3achesaremyfav0r1tefru1t”. You can also use symbols to add complexity. You should use different passwords for all accounts that contain personal information. If you use the same password, guessing it once will give access to all your information. If there is a security breach, you want to limit the impact of the breach. The use of multi-factor authentication will also add a level of protection. Other good habits to cultivate are to not sign into your accounts from a public access computer, be sure to log out of your accounts when your are done, and use a separate email account for accessing online accounts and making purchases.
As I have noted, allowing your browser to store and fill in use usernames and passwords leaves you vulnerable to identity theft. There are several password managers that will store your information. They will also suggest passwords that are difficult to crack. These password manages store your information in encrypted vaults and they can only be opened with a master password. You should select a company that cannot see your stored passwords and that does not store your master password. Your master password needs to be very long and unique.
If hackers gain access to your accounts they can steal your account information, your money, or your identity. According to the Aite Group, a financial services company, “47 percent of Americans experienced financial identity theft in 2020. The group's report, U.S. Identity Theft: The Stark Reality, found that losses from identity theft cases cost $502.5 billion in 2019 and increased 42 percent to $712.4 billion in 2020.” Secure passwords is your first and best line of defense.