This month will be focused on web security. As a small business owner and work-from-home gal, I am my IT department. I do have freelancers that I work with should I need some heavy-duty support; however, I am the first line of defense. Over the next weeks I will give you tips on what I do to stay secure and keep my business virtually running.
Creating and managing passwords can be a daunting task, especially with the number of applications that request a password. So let’s start with creating. *Note here: I use LastPass to manage my passwords; however, I do not use the auto-generate feature.*
How to create a great password:
- Avoid the obvious: Birthdays, your name, your children's or spouse's name, and of course "password". A lot of problems can arise because hackers will go down the list of obvious choices first. For you WordPress users, please do not use "admin" for your sign-in. You can, and should, change it upon set-up of your account.
- Size matters: Yes, it may be easier to remember 5 characters instead of 10, but in the long run size does count. If you have a password with more than 9 characters, it would take a hacking program about 4 months to crack it. If you can memorize phone numbers and social security numbers, you can certainly handle a long password (just do not use those two options either).
- Mix it up: Many applications now require you to use a combination of letters, both lowercase and uppercase, numbers and a symbol or special character. The strongest and best passwords have a combination of all. By adding each of these to your password, it would take a hacker years to break it. Afraid you won't remember? Use symbols to replace characters. For example: @ instead of A or $ instead of S; even the ! instead of a 1 will work.
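
One way to check a candidate password against the three tips above, as an added example that is not part of the original post. The short list of obvious words, the `personal_terms` parameter and the function name are assumptions made for illustration; the check also reverses the symbol swaps so an obvious word written with @ or $ is still caught.

```python
# Added example: checks a password against the post's three creation tips.
# OBVIOUS is a constructed sample list, not taken from the post; a real
# check would also pass the user's own names and dates as personal_terms.
OBVIOUS = {"password", "admin", "letmein", "qwerty"}

# Reverse of the swaps the post suggests: @ for A, $ for S, ! for 1.
UNSWAP = str.maketrans({"@": "a", "$": "s", "!": "1"})

MIN_LENGTH = 10  # the post's "more than 9 characters"

CLASSES = [
    ("lowercase letter", str.islower),
    ("uppercase letter", str.isupper),
    ("digit", str.isdigit),
    ("symbol", lambda c: not c.isalnum()),
]


def check_password(candidate, personal_terms=()):
    """Return a list of problems; an empty list means all three tips are met."""
    problems = []
    lowered = candidate.lower()
    plain = lowered.translate(UNSWAP)  # undo symbol swaps before matching

    # Tip 1: avoid the obvious, even when it hides behind symbol swaps.
    terms = OBVIOUS | {t.lower() for t in personal_terms if t}
    for term in sorted(terms):
        if term in lowered or term in plain:
            problems.append(f"contains obvious choice: {term}")

    # Tip 2: size matters.
    if len(candidate) < MIN_LENGTH:
        problems.append(f"shorter than {MIN_LENGTH} characters")

    # Tip 3: mix it up with all four character classes.
    for name, is_member in CLASSES:
        if not any(is_member(c) for c in candidate):
            problems.append(f"missing {name}")
    return problems


if __name__ == "__main__":
    # Constructed sample inputs.
    for pw in ["admin", "P@$$word1!", "S@m!@m01ant"]:
        print(pw, "->", check_password(pw) or "meets all three tips")
```
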
Managing passwords is more difficult than creating them, so here are some tips on keeping your passwords in order.
- Do not be afraid to use a program. I recommend and use LastPass for my password storage. Another popular program is Roboform; however, I have not used it since finding LastPass. The reason I use LastPass is because it requires you to know a master password to access the saved account.
Besides saving your passwords, it allows you to add notes and save licensing information for applications that you acquire in the cloud.
- Create multiple passwords. Do not use the same password for every site or account. If someone were able to get your password for one account, then they would have it for all. You have two options here to solve this dilemma: create category passwords or create a standard naming system.
Categories can fall into levels, such as Level 1 for super important accounts such as banking, PayPal and credit cards. Level 2 may be for accounts that are important and have reputation impacts, such as email, Facebook or social networking. And finally, Level 3 could be for general accounts such as blog comments, etc.
Standard naming would be a set password that adds a small variation to the mix. So say you like to use S@m!@m01 (samIam01) for your variety mix; you could use the last 3 characters for the site you are on. So if I would require a password you would make it S@m!@m01ant. All I did was take the last 3 letters from the URL and add them to the end of my core password.
- If your account or site has ever been compromised, then you need to change that password immediately. Not only should you change that account, but any others that use the same password if you are using the level system. This seems like overkill; however, better to be safe than sorry since they got into one account. This is also a great reason that you should have multiple passwords.
Do you have a great system for creating passwords? How do you keep them manageable?
Next up: Spotting the scams and protecting your computer