STORY BY
Shopping online this holiday season? If you’re using the same password on each site that you use for email, online banking and bill paying, you may indeed “give the gift of giving”—to hackers.
What if someone could log into your email account? What could he find out about you?
Your mom emails you twice a day—he now has your maiden name.
You send coworkers photos of new puppy, Fluffy—he now has your pet’s name.
Are you registered online with a particular bank? Do your Amazon.com shipments come to your home address? Did you lose the password to your credit card’s Web site, prompting an email reminder to you?
Your emails can offer as much information to prowlers as if they had broken into your home—better—because all of your information is in one place—complete with a search feature. “For most people, possessing the password to someone else’s email account would seem fairly innocuous,” says Thomas Madden, chief information security officer for Information Technology at The University of Texas Health Science Center at Houston. “However, access to your primary email account could allow a less honest person to reset your password to that or other accounts without your knowledge.”
We’d like to think no one would hack into our accounts, but plenty of people welcome such an opportunity and profit from it. “Access to banking or financial sites are among the most sought-after identities, and frequent targets for hackers via key-logging or password-caching malware,” says Madden.
So, how can you keep your information safe? Simple: the non-decodable password.
The most important criterion for your password is that it’s memorable. You must be able to memorize it. Jotting down your password on a post-it note and sticking it on your monitor next to the grocery list defeats the very purpose of a “secret password.” You wouldn’t leave the key to your house dangling from the lock— on the outside. Madden explains writing down a password or storing it in a file on a computer can allow for someone else to gain access to accounts and personal information.
“The days of keeping your password on a notepad or stored under your keyboard (think key under doormat) have long passed. Similarly, keeping passwords stored in a file for archival purposes should be avoided at all costs. Password files stored in central locations or even on PDAs or smart phones, are subject to loss of the confidentiality and integrity of the file.”
When you don’t write down your password, there’s only one place to keep it—your head.
Are you ready to create your super-secret, non-decodable password? First, let’s forget the “word” in “password.” Someone’s going to need more than a word to get to the most vital information about you.
Forget about your spouse’s name, pet’s name, phone number, birth date—forget about actual words. It’s time to get a little more creative. Think about something you do on a regular basis and come up with an easy to remember phrase. Try something such as:
It’s no ‘Fluffy123’, but easy enough to remember, right? Once you’ve created and changed your password, check to see how it fares with Microsoft’s Password Strength Checker.
You’ve probably just come back to reading this after going into your account settings and changing your password from ‘John123’ to something that resembles a comic strip curse word. You’re feeling pretty good about this password of yours; no human nor computer could ever crack this one. But before you go into your account settings and make it the password for every Web site you’ve joined since 1995, go back a few steps.
You don’t need an exclusive password for every account you have, but if someone manages to crack the one you’ve just created, you won’t want him to have access to your personal World Wide Web. Don’t worry, you’re not alone. Many people have the same password for all their online accounts. Having different passwords, however, will help keep your information safe in the event one of your accounts is compromised.
To help remember multiple passwords, try tacking on a letter or two that represents the Web site you’re accessing. Take the password we already created, ‘M!Twww2q’ and make it exclusive.
Now you have nonsensical and exclusive passwords – that you can remember.
Your new passwords are so creative and practically non-decipherable. Congratulations! So don’t go around telling anyone. Now that you have your new top-secret passwords successfully stored in your head, you must make sure they remain secret. Madden adds, “Just remember that your password is representative of your online identity.”
Follow these six steps to keep your passwords safe:
HaPPy h0L1d@y$ !!
Last Updated: 12-09-2009Editorial Board | Legal Disclaimer | Privacy & Security | Contact Us
©2000-2009 Office of Institutional Advancement, UT-Houston
Follow us on:
What a Difference
60 Minutes Can Make
It’s just an hour. At 2 a.m. on March 14, time changes as we “spring forward” one hour overnight. It wouldn’t seem to be that big of a deal, but it is according to researchers at the University of Michigan’s Center for Sleep Science. They have found that in the days immediately following the spring time change each year more people have serious car accidents, most likely due to the sleep loss and adjustments that our biological clocks must make to the new schedule.
To prepare for the time change, start going to bed and waking up 15 minutes earlier each day between now and the start of Daylight Savings Time. This helps reset your biological clock.
The spring time change isn’t the only time we should be concerned about our levels of sleep. According to the sleep researchers, adults ought to get 8 to 8.5 hours of sleep every night, but few of us do. This does more than leave us groggy in the mornings. Findings have shown that a lack of sleep may increase risks of obesity, diabetes, stroke and heart attacks.
The National Sleep Foundation offers this advice for healthy sleep:
