Nancy wrote up a good article on setting memorable and safe passwords some time ago, and now it is time to remind everyone that setting good passwords is crucial to keeping your online information safe.
One thing that the average Internet-user might not be aware of is that when someone is trying to break into your online account, they aren't sitting at the keyboard and typing in a bunch of different passwords. What they do is run a program that continuously tries a whole lot of different passwords in an attempt to eventually get in. These programs run at all times of the day and night. They try all your favorite online sites, and also scan for well-known services (like email services) across all of the addresses on the Internet. What this means is two things: 1) they are very efficient at hitting everyone's accounts, and 2) they will hit accounts at even small online service providers.
You can kind of relate this to spam -- if you get spam, then most likely someone out there is also trying to login to your accounts. Unlike spam, which you can readily see, you wouldn't even know if someone was trying and failing to get into your online accounts.
If your primary defense is your password, what is a good password? Well, anything random, or seemingly random is a good start. Combinations of numbers and letter, both upper and lower-case, gets you way ahead.
- Typical hacking technique involves the use of dictionary words. Don't use a word that can be found in the dictionary.
- It is easy to take a word from the dictionary and add some numbers to the end. Use numbers in your password, but try to mix them into the password itself, instead of just tacking them onto the end.
- Don't just use a sequence of numbers, as this is also very easy for hackers' programs to iterate through.
- Change your password periodically.
- Use different passwords on different sites/services, even if they just vary a little bit.
- Use numbers and letters mixed into the password.
- Use capital and lower-case letters in various combinations.
To round this out, I just want to put out a couple of MRSware-specific suggestions that Users should consider:
- Don't use the same password for everyone in your company. It is not necessary.
- Use a different password for your MRSware Login and your Mailbox (POP3/IMAP) login.
Be safe, and have a happy holiday season.