Tech Trends #6 - Password Security

It happened again. A large social media website was hacked and millions of passwords were exposed. LinkedIn.com, the social media site primarily focused at the business professional, was the latest victim. It has been reported that more than 6.5 million users' passwords were stolen in the hacking. Some estimate it's as high as eight million. The online dating site eHarmony.com was also hacked.

Do you have a LinkedIn or eHarmony account? If so, then it's time to change your password. If not, it's time to change your password as well. It's good to be aware of what passwords you use across the web and to change them often.
Here are some helpful tips on password security:

Don't use the same password everywhere
It can be a hassle to remember all those passwords. So, why is it be beneficial to have different passwords for each website that requires a login? Well, as I've already mentioned, websites can get hacked, and people can gain access to your passwords. If you use the same password for everything, they now have access to everything else.

How to remember all your passwords
So, now that you've create different passwords for each of your online accounts, how are you going to keep track of them all? Don't write them down. That's extremely insecure; especially if you plan to keep that list of passwords next to your computer.

As with many things these days, there is indeed "an app for that." My all-time favorite is an app called 1Password (https://agilebits.com/onepassword). It's a nifty program that you download and install on your Mac or Windows PC (they also have iPhone, iPad and Android apps). It is a password manager. You can store all your individual passwords and encrypt, or secure, all of them with one master password. You only need to remember this one single password.

The really nice thing about 1Password is that it also ties into your web browsers, like Chrome, Firefox and Safari with a handy icon so that when you want to login to a website, click this button, type your master password and 1Password will automatically fill in the blanks on the site and log you in. You never have to see or type an individual password.

How to choose a strong password
Don't use passwords like "secret," "password," "123456," or even something like "passw0rd." These and passwords like them are by and far the easiest for hackers to guess.

There are two things you should think about when creating a nice, secure password:
1) how easy is it for someone to guess?

2) how easy or how long would it take a computer program to figure out?

You don't want a password that is easy for someone to guess. A nefarious hacker would easy try a few easily guessable password right off the bat. Phrases like "password" and "secret1" are easy to guess. They're too obvious. Even a password that you think would be difficult to guess, is probably the complete opposite. For example, a password that includes some personal details like your birthday, street address, child's or pet's name are all easy for someone to guess. All this probably takes is a simple Google search or a browse of your Facebook page.

The second part of a good password is make it difficult for a computer program to brute force the password. A brute force attack is when a computer program systematically checks all possible passwords until the one is found. This can take a lot of time if your password is a good one.

Surprisingly, you would think a password phrase like "BLrbWC26q" would be a strong password. After all this password is darn near impossible for someone to simply guess. But, for a sophisticated and powerful computer program running a brute force search would find this password in less than two days.

A simple phrase of easily remembered words is more difficult to crack by a computer. This is nice because it gives us the ability to create passwords that humans can remember but are difficult to guess by other people and by computers. In password cracking, it's an all or nothing game. Guessing part of a password doesn't matter. Therefore, a password phrase of "apple cat dog sandwich" would take a supercomputer one hundred trillion guesses. It would also be pretty difficult for someone to personally guess that exact phrase with those words in that exact order and with those spaces in between. That's a good password.

- This story was originally published on June 14, 2012 on Covnews.com.