Hackers attack every 39 seconds and one in three Americans were hacked in the past year. Cybercrime, security breaches and ransomware have become every day topics in the media. The most common element of security breakdowns is the human component often delivered in the most innocent and innocuous way. One of the most proactive ways to prevent yourself from being a victim of cyber fraud and to protect your company is by setting a robust password.

Key Characteristics of a Safe Password are that:

  • It cannot be found in a dictionary.
  • It contains special characters and numbers.
  • It contains a mix of upper and lowercase letters.
  • It has a minimum length of 12 characters.
  • It isn’t a combination of dictionary words, place or name
  • It doesn’t rely on obvious substitutions, e.g. @ for “A” or “a”
  • It cannot be guessed easily based on user information (birth date, postal code, phone number etc.)

According to security expert, Bruce Schneier, hackers use different dictionaries: English words, names, foreign words, phonetic patterns and so on for roots; two digits, dates, single symbols and so on for appendages. They run the dictionaries with various capitalization and common substitutions: "$" for "s", "@" for "a", "1″ for "l" and so on. This guessing strategy quickly breaks about two-thirds of all passwords

To create and maintain secure passwords:

  • Create an easy to remember base password, preferably like a phrase, that is memorable to you, e.g. Virginia Commonwealth University is the best go rams. Once you have established the base, then recreate it using the tips above e.g. “VcU?t8Gr”.
  • Better yet, create two base passwords!
  • Keep important and not so important accounts separate. You should use one password for sites which hold personal information or credit card details, such banking or GMail. The second password should be used for sites that will not cause great harm if hacked.
  • Create individual passwords for each account
  • Once you have a strong base password, you can use it to create individual passwords for each of your online accounts. Simply add the first three letters of the service at the end of the base password, e.g. “VcU?t8GrGMa” for your GMail account or ““VcU?t8GreBa” for eBay.
  • Update your passwords regularly – every few weeks or months
  • Change your base password
      • Change the special character substitutions you’re using
      • Reverse use of upper and lowercase letters
      • Type the password with the SHIFT key held down

o Or change your entire password

      • Change how you identify the account, e.g. use the last three rather than the first three letters (GMa would become ail or eBa would become Bay).
      • Change the position of the letters identifying the account - put them to the front or in the middle of your base password.
  • Add the date you last changed the password at the back and record it in your calendar.

Even with a base password, since you have multiple sites, utilizing a Password manager program or web service like RoboForm (Windows only) or Lastpass (Windows and Mac) will let you create very strong passwords for each of your sites. But you only have to remember the one password to access the program or secure site that stores your passwords for you.

Remember – you are not a robot, use your human advantage to keep your records safe!

Author: Amy Humphreys

About Comtel

Comtel Communications, a telecom/technology consulting agency based in Richmond, Virginia since 1991, provides best-in-class solutions and unbiased counsel to a diverse group of small, medium, and enterprise-level businesses, totaling more than $18.2M in annual billings. Leveraging unique access to 350+ national and international providers, Comtel benefits its clients through competitive quotes from multiple sources, to ensure their business goals are met with current and dynamic telecom and technology services. Acting as a partner, long after contracts are signed and services are deployed, Comtel offers superb back-office support to manage upgrades, track orders, and provide training to clients.

Comment