Protect your passwords
Track your IDs and keep important information safe
By Janna Rosenstein
Wouldn’t it be great to just flash a virtual entry card and log right in to your favourite sites? No more usernames and passwords, no more frustrating failed log-ins, no more hacked accounts. Easier access will soon be possible as more and more web sites begin accepting OpenID.
OpenID allows you to log onto your e-mail, blogs, shopping sites and more, all using the same unique digital identity. Essentially, the technology uses your personal web address to verify who you say you are rather than have you type in names and passwords. But until technology like OpenID becomes the standard, passwords remain a must.
IN THIS STORY
Why we need multiple passwords
While it may seem simple to use the same password for every site, a hacker only has to crack it once to access your entire online life.
“For the same reason that you wouldn’t want to have the same key open your office door, the front door to your house, your car and your safety deposit box, you don’t want to use the same password for multiple sites,” says Max Stocker, a software developer in Toronto, Ont.
You should create unique usernames and passwords for
- your computer log-in
- your e-mail accounts
- your bank accounts
- every other site you visit online
Hack-proof your passwords
We often choose passwords that are simple to keep track of, such as our pet’s name or the street we live on, but those passwords may be easy for others to guess.
Ethel Taylor* of Montreal, Que., thought nothing of sharing the mundane details of her life with a friend she met in a chat room. But it came as a shock when the friend hacked into her e-mail account by using her son’s name as the password.
According to Stocker, there are four keys to developing strong passwords.
- Reach the upper limit of what a system allows for length. If the maximum length is 15 characters, aim for 13 to 15 characters.
- Use a mix of upper- and lower-case letters, numbers and any spaces or symbols allowed by the system.
- Avoid using dictionary words as they are easily hacked.
- Never use personal information.
What technology is out there?
Once you’ve created strong passwords, it can be tricky remembering them all. Experts warn against writing passwords down or storing them in an unencrypted file on your hard drive where they can be easily accessed.
Password storing software:
Available for use online, for download to your computer or as a browser add-on, these applications allow you to store all your log-in information in one place, protected by one master password. If used correctly, password storing software can be both safe and convenient. Some options include:
File encryption:
If you do choose to keep a list of passwords on your computer, be sure to encrypt the file so no one can access it. File encryption tools such as BitLocker for Windows Vista can protect sensitive data from prying eyes.
Fingerprint readers:
If you have trouble remembering passwords, consider a fingerprint reader. Your stored usernames and passwords become accessible by scanning verification of your fingerprint. Many new computers have readers built in, but you can also buy them separately. Microsoft’s external Fingerprint Reader is one example.
Stocker says fingerprint readers can be fairly secure, but you should still exercise caution. “Be sure to research the device you choose and be careful storing and using the device. Not all fingerprint readers store information in a fully secure manner and they may not protect you if your computer is compromised in another way.”
Kids using the computer?
The passwords kids create are often very easy to guess. Help your children stay safe from hackers:
- Teach them how to create strong passwords.
- Explain that sharing passwords, even with friends, can be dangerous.
- Remind them to change passwords often.
Good advice, for both kids and their parents!
*Some names have been changed.
