• Stop being a LURKER - join our dealer community and get involved. Sign up and start a conversation.

How secure is your password? (newsletter from PC Tools)

ghen

Boss
Oct 14, 2009
260
2
First Name
call me Jason
[FONT=&quot]I got this newsletter from PC Tools. It goes over some nice easy ideas for creating complex passwords.
[/FONT]

[FONT=&quot]
[/FONT]

[FONT=&quot]How secure is your password?[/FONT][FONT=&quot]

With most websites requiring you to create an account, do you find yourself in a bit of a pickle when it comes to inventing passwords? Many people use the same password for all their online accounts and often forget the password they came up with months ago. Hands up who doesn’t feel like banging your head against the wall trying to remember the password you created months ago?

Let’s face it - everyone has problems with creating and remembering secure passwords. That’s why we decided to help.

[/FONT]
[FONT=&quot]Tips on how to create and remember your passwords:[/FONT][FONT=&quot][/FONT]
[FONT=&quot]•[/FONT][FONT=&quot][/FONT]
[FONT=&quot]Use the first letters of a sentence that you will remember[/FONT][FONT=&quot],e.g. "I have 3 cats: Fluffy, Furry and Shaggy" gives: Ih3c:FF&S, or “Bouncing tigers have every right to ice-cream†becomes: Bther2I-C.[/FONT]
[FONT=&quot]•[/FONT][FONT=&quot][/FONT]
[FONT=&quot]Take the name of the website and then add your personal twist[/FONT][FONT=&quot], like your height or your friend’s home address (e.g. “AmazonOceanRd6’2â€). Avoid using your own contact details like your phone number or house number.[/FONT]
[FONT=&quot]•[/FONT][FONT=&quot][/FONT]
[FONT=&quot]Remove the vowels[/FONT][FONT=&quot] from a word or phrase e.g. "I like eating pancakes†becomes: Ilktngpncksâ€.[/FONT]
[FONT=&quot]•[/FONT][FONT=&quot][/FONT]
[FONT=&quot]Use a phrase from your favourite book[/FONT][FONT=&quot] and then add the page, paragraph or chapter number. [/FONT]
[FONT=&quot]
The Do’s and Don'ts of creating passwords

[/FONT]
[FONT=&quot]Do:[/FONT][FONT=&quot][/FONT]
[FONT=&quot]•[/FONT][FONT=&quot][/FONT]
[FONT=&quot]Mix letters, numbers and symbols, and use case sensitivity[/FONT][FONT=&quot] (upper and lower case letters)[/FONT]
[FONT=&quot]•[/FONT][FONT=&quot][/FONT]
[FONT=&quot]The longer the better. [/FONT][FONT=&quot]Use passwords that are longer than 6 characters.[/FONT]
[FONT=&quot]•[/FONT][FONT=&quot][/FONT]
[FONT=&quot]Change your passwords[/FONT][FONT=&quot] at least every 60 days, cycling the numeric values up or down makes the new password easy to remember. [/FONT]
[FONT=&quot]•[/FONT][FONT=&quot][/FONT]
[FONT=&quot]Try copying and pasting at least some of the characters in your password[/FONT][FONT=&quot] that way keyloggers won’t be able to track your keystrokes.[/FONT]
[FONT=&quot]
[/FONT]
[FONT=&quot]Don't:[/FONT][FONT=&quot][/FONT]
[FONT=&quot]•[/FONT][FONT=&quot][/FONT]
[FONT=&quot]Don’t use words or phrases or numbers that have personal significance[/FONT][FONT=&quot]. It is very easy for someone to guess or identify your personal details like date of birth.[/FONT]
[FONT=&quot]•[/FONT][FONT=&quot][/FONT]
[FONT=&quot]Avoid writing your password down[/FONT][FONT=&quot], use a reputable password manager to manage all your passwords.[/FONT]
[FONT=&quot]•[/FONT][FONT=&quot][/FONT]
[FONT=&quot]Don’t use the same password for several logins[/FONT][FONT=&quot], especially if they involve sensitive financial or other personal information.[/FONT]
[FONT=&quot]•[/FONT][FONT=&quot][/FONT]
[FONT=&quot]Don’t tell anybody your password.[/FONT][FONT=&quot] [/FONT]
[FONT=&quot]•[/FONT][FONT=&quot][/FONT]
[FONT=&quot]When registering on websites that ask for your email address, [FONT=&quot]never use the same password[/FONT] as your email account.[/FONT]
 
I practice - Take the name of the website and then add your personal twist.

This way all I always have a different password for each new login. I have slacked on this lately and reverted back to my "usual" password so thanks for bringing this up!

Also - I'm a avid user of my password keeper on my blackberry!!!
 
1password for the Mac....nuf said.

1password won't help if your laptop gets stolen. Keeping passwords in computer memory is only secure if you truecrypt the entire drive. It WILL however avoid being exploited by keyloggers. I see keyloggers on about 1 in 20 virus infected computers so its well worth it for that.

A password vault on a mobile device is a good 2nd option to brainpower. Since the blackberry vault is encrypted it can't* be hacked, and since you don't use the vault to directly access websites it can't be circumvented.

Password Keeper and KeePass are another two good mobile solutions. Password Keeper actually wipes the vault clean if you fail to login 10 times in a row so it can't be brute force hacked. KeePass works on many more platforms and is freeeee :)


My wife plays an online MMO (Runes of Magic) that goes so far in that it uses an on-screen keyboard that constantly changes position if you want to type in your password securely. Even if someone is tracking mouse clicks they can't follow the random keyboard!

[/paranoia]

*so far
 
Last edited:
1password uploads backups and accesses to DropBox and MobileMe ;)

Get off the PC and learn a little more :p

Nah, I ment that if I can login to your laptop (which is trivial without encryption) I can check the history for interesting sites and 1password will just insert the form data for me. Or do you still have to type a master password to do that?
 
Alex, you're turning into one of those Mac droids...

I need a new computer ... Get a Mac
I need a computer that can handle (fill n the blank) ... Get a Mac
I need to secure passwords ... Get a Mac stupid
I need a back rub by a beautiful busty brunette ... Get a Mac!

What happens when you're not on your computer? I know this thread is more about "security" but we don't always have our laptop in our back pocket. - f%&k, I need a Mac.
 
You have to type a master password. You also have to type a master password to get into my laptop ;)

Well the master password for 1password is great, that means its not so easy. Your master password on the laptop though is trivial if I get physical access to the machine ;) the OSX install CD actually has a function for resetting all the passwords LOL