Tech Tips from InfoPathways
Why Do We Have Passwords?
January 16, 2015
Seems like a silly question, doesn’t it?
Why do we have passwords?
We have passwords to keep data secure. It’s all about security. Sensitive data, such as personal information, contact information, SSNs, bank accounts, credit card numbers, and much more needs to be protected.
How do we make sure our data is secure? It’s not really about HAVING A PASSWORD itself. It’s about having the right characters in your password, it’s about how you store your passwords, and it’s about how often you change your passwords.
All too often, people use too simple of passwords, or passwords that contain personal data.
What should a strong password contain?
- Alpha Characters
- Uppercase + Lowercase
- Special Characters
Sometimes accounts require or disallow certain characters. Their guidelines are in place to ensure your passwords are stronger which improves the security of your account and/or data.
What should a password NOT contain?
- The Word “Password”
- Address Number
- Date Born
- Your Name
- Your Husband’s Name
- Your Children’s Name
- Your Maiden Name
- Your Father’s Name
- Your Mother’s Name
- Your Pet’s Name
- Your Favorite Color
- Your Place of Birth
...or any other personal data that someone could research and find!
How should you store your passwords?
Where do you keep your passwords… in a notebook? On a sticky pad? Under your keyboard? In an Excel Spreadsheet on your Desktop? All of these are VERY bad ideas. These ‘hiding places’ are common and easy to find. If you have too many passwords to store in your memory, then look into a secure password program.
We recently saw a sales ad for a Password Logbook in a catalog. Get your purse stolen with this bad boy in it and it will cost you a lot more than $4.95 and some gift cards.
How often do you change your passwords?
It is good practice to change your passwords on occasion. This is important because it’s so easy nowadays to get spyware accidentally installed on your computer. Spyware tracks things like keystrokes and looks at your browser history to find sites that you are still logged into. If you do not change your passwords regularly, change them immediately if something seems odd, or if appears you have been hacked.
Have you received an email that you need to reset your password? Do not fall for it… the only time you should receive that notice is if you request support due to a forgotten password, or if you know an account requires a changed password after a certain amount of time. The safest thing is to make sure you are going to the actual website as well… and if you are feeling unsure, scan the webpage scrupulously. It is not unheard of for there to be look-alike websites using very similar website addresses, all set up with the purpose of collecting and abusing your personal data.
Oh yeah, notice that the title of this section is PASSWORDS, plural? You should vary your passwords. It’s easier to have just one, yes, but definitely change it up from one account to the next, if not for all, at least for the important ones. (IE: Email, Bank Account, PayPal, Ebay, Shopping Sites like Amazon.com, etc.)
Recovery + Back-Up Questions
Always keep your accounts up to date. If you change your email, it will be important to update all your accounts associated with that email address should you ever need to recover a forgotten password.
As far as password recovery - do you think those “I forgot my password” questions are helping you out? They’re not. Confirmation that an account is yours answered in three questions:
- What’s your mother’s maiden name?
- What’s your favorite color?
- Where did you go to elementary school?
You could find the answers to all three of these after looking someone up online for 10 to 20 minutes. Our recommendation is to create fake answers that you know you won’t forget. Or ask ridiculous questions only you can answer in the event that they allow you to write your own. You’re looking for questions or answers that you haven’t posted publicly on profiles or shared on social media websites.
Save it or DON’T Save it?
Should you create an account when shopping at that website? Probably, it can be helpful to be able to log back on and see your previous orders, or to track your package. But should you save your credit card and / billing information? NO. Keep that credit card secure – use it and put it away. Don’t save it to your shopping account. If someone hacked in, they could blow your budget in a heartbeat.
Keeping data secure continues to become more and more challenging due to the number of threats out there.
Be aware of good practices and keep your data safe!
Please share this article with your friends and colleagues!