Your passwords stink

I bet that you use the same password for more than one account.

I bet you have a password that is on the list of 10,000 most common passwords.

I bet you don’t change your passwords regularly.

I bet you store passwords in your browser.

How do I know this? Because statistically, it’s true.

Why should you care?

Who would want to hack you? What are the odds?

Pretty good, actually. In 2014 half of all American adults (110 million people) were hacked.

What’s the downside of being hacked? Money and time. You’ll probably lose both.

Tutorials on what to do if you are hacked abound on the blogosphere. Here’s one with fun images. However, if you picture yourself having to follow this multistep process, it tends to lose its charm like a child actor hitting puberty.

How are all these people getting hacked?

Hackers are like two-year-olds. They are 100% focused on something and completely ruthless in achieving their goals.

Hackers are not like two-year-olds. They aren’t going to be redirected by a nap or a snack.

Hackers are wily and innovative (if we could only harness this energy for good, right?). They will eavesdrop when you are working at a coffee shop. They will trick you into using their Wi-Fi and then record everything you do online. They will get malware and keystroke-monitoring software onto your computer by using malvertising, phishing, and spear-phishing.

Frankly, hackers care more about hacking you than you care about not getting hacked. Hacking you could be lucrative for them. Not getting hacked is just tedious for you.

1 oz. Prevention = 1 lb Cure

The good news is that you don’t have to be 100% secure; you just have to be more secure than the other guy.

Here’s how to clean up your action.

  1. Each account that needs a password should have a unique password. This way, if, for example, Facebook gets hacked and your account information is exposed, it’s ONLY your Facebook account that is hacked, and you don’t have to go through every other account you have wondering if it’s been hacked and changing passwords.
  2. Use strong passwords. A strong password has the following characteristics:
    1. At least 15 characters
    2. Uppercase letters
    3. Lowercase letters
    4. Numbers
    5. Symbols (e.g. ‘!”’?$%^&*()_-+={}[]:;#@|\/<>,.)
  3. Use a password generator. Humans are not good at random and random is what will protect you.
  4. Use two-factor authentication if it is available. This is annoying but effective. When Google or Yahoo asks for your cellphone number so that they can send you a one-time code for logging into your account, say yes. If your laptop is stolen, you’ll be glad you did it.
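
Items 2 and 3 in code, as an added example that is not from the original post: a generator that draws from the operating system's cryptographic random source, plus a check against the five characteristics listed above. The function names and the exact symbol set are assumptions made for this example.

```python
import secrets
import string

# Assumption: a subset of the symbols named in the list above (quotes and
# slashes are left out because many sites reject them).
SYMBOLS = "!?$%^&*()_-+={}[]:;#@|<>,."
CLASSES = {
    "uppercase": string.ascii_uppercase,
    "lowercase": string.ascii_lowercase,
    "number": string.digits,
    "symbol": SYMBOLS,
}
MIN_LENGTH = 15  # the minimum length given in the list above


def missing_requirements(password):
    """Return the listed characteristics that this password fails to meet."""
    missing = []
    if len(password) < MIN_LENGTH:
        missing.append("length")
    for name, chars in CLASSES.items():
        if not any(c in chars for c in password):
            missing.append(name)
    return missing


def generate_password(length=20):
    """Draw every character from the OS CSPRNG; redraw until all classes appear."""
    if length < MIN_LENGTH:
        raise ValueError(f"length must be at least {MIN_LENGTH}")
    alphabet = "".join(CLASSES.values())
    while True:
        # Rejection sampling keeps each position uniform over the alphabet,
        # unlike forcing one character of each class into fixed slots.
        candidate = "".join(secrets.choice(alphabet) for _ in range(length))
        if not missing_requirements(candidate):
            return candidate


if __name__ == "__main__":
    print(generate_password())
    # Constructed sample: a human-chosen password that looks complex but is short.
    print(missing_requirements("Summer2015!"))
```

`secrets` is used rather than `random` because `random` is a predictable generator that is not meant for credentials.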

Are you kidding me? I can’t remember a password like that.

Exactly. We’ve reached the end of keeping one’s passwords in one’s head. A password manager (NOT your browser) should be common practice. You will then only have to remember one password, which will access all of your other passwords.

gC’s solution

At glassCanopy we’re using OneLogin to manage credentials for our accounts and for the accounts that our clients give us access to. This means that most of our staff never see your passwords. If we can, we use crazy-ass long random passwords (like this – %Y#k$*oou*1&t3O2). And we don’t store your passwords in a non-encrypted document labeled ‘passwords’ that we have to look for every time we want to update your blog. You’re more secure; we’re more efficient.

Susan Gamble

Manager at glassCanopy
As both a manager and web developer, Susan loves creative problem solving and learning new things. She keeps our teams on track and on budget while using her expertise in HTML, CSS, JavaScript, and PHP to build and manage web sites and marketing automation systems for clients. Susan has a MA and BA from Johns Hopkins University, and spends time in the mountains whenever possible.