Protect Yourself
Passwords Tutorial
Introduction
Passwords can be a source of frustration at times, but passwords are necessary to keep your accounts safe and prove that you really are who you say you are.
This tutorial will help you understand how important it is to create a password that's both easy to remember and difficult to guess as well as what to do if you think your password has been compromised.
Passwords- The First Line of Defense
Strong passwords that are complex make it much more difficult for password-cracking tools to work.
The most efficient password should be secure enough to thwart hackers, but also one that you can remember.
Tip: A password checker evaluates your password's strength automatically.
Try Microsoft's secure password checker.
Creating a Strong Password
Strong passwords:
- Should contain at least eight characters
- Do not contain personal information such as your name, birthday, driver's license, passport number, or similar information
- Should contain 3 of the 4 following characteristics:
- UPPER CASE characters
- lower case characters
- Numeric characters (0 through 9)
- Non-alphanumeric special character(s), such as: ! @ # $ ^ *( ) _
- UPPER CASE characters
Lines from a song or poem make good passwords especially if you mix upper and lower case, numbers and punctuation.
Examples:
- "U @int n0thin but @ hound dog cryin @11 the time"
- "Yesterday, A11 my troubles seemed 50 far away"
Note: For security purposes do not use these sample passwords on eBay.
Care for Your Password
Whether you're online or offline, care for your password as you would care for the key to your house.
Your password is the only way to verify that someone logging in with credentials is really you. If someone logs onto your account with your password and makes changes, there is no way to prove that those changes were not performed by you.
Let's now go over a few tips on how to protect your password.
Try to Memorize Your Password
Each person types in an average of eight passwords every day, according to Microsoft research, which means we end up with a laundry list of Web sites, usernames, and passwords to remember.
Most of our brains aren't wired to remember long passwords so it's OK to keep a hint (not the actual password) somewhere private such as a slip of paper in your wallet.
Important: Do not include the Web site or any other identifying information in the same place as your password hint.
Don't Share
Never share your password with anyone. You are responsible for guarding your password and are the first line of defense in protecting your personal information.
The Internet is fertile ground for social engineers looking to harvest passwords.
Protect against social engineers by keeping in mind that no legitimate company will ask for your password over the phone or via email.
Mix it Up
There are two primary weaknesses when it comes to password protection:
-
1. Many users often repeat the use of one simple password on every account, so once the hacker has one password, he or she can probably get into multiple accounts.
2. Users don't change their password often enough, and when they do, they'll use a sequential password or a password that is only slightly different from the previous password.
Note: Most online security professionals recommend changing your Internet passwords and account login information at least once every three months.
Be Careful With Shared Computers
Cybercafes offer a convenient way to use a shared public computer when you are away from home or office.
But be careful.
Shared public computers are okay for casual web browsing, but they're NOT okay for connecting to your email, which may contain personal information; to any secure system, like the network or server at your office, bank or credit union; or for shopping online.
Important: If you must use a shared computer to log into a password-protected site, log out as soon as you're done, erase the browser history , clear the cookies and close the browser window. Make sure you leave the 'Remember me' box un-ticked when you log in, too.
WiFi Hot Spots Can Pose a Danger Too
Even if you're using your own computer, your information can still be hacked at a WiFi Hot Spot.
Exercise caution when doing any kind of online shopping or banking or anything that would require you to exchange sensitive data over the airwaves.
Tip: The best way to protect sensitive information is to use a Virtual Private Network, or VPN, which encrypts the data moving to and from your laptop.
Avoid Shoulder Surfers
If someone is close enough to watch you type your password, they might be able to see enough letters to guess your password.
Position your body between them and the keyboard so they can't see what you're doing.
Check the Last Logon Time
As you log on, some systems tell you when your account was last used.
Keep an eye on this information and take note if it says you were using the system when you know you were not there - perhaps someone has broken in to your account?
Contact the Website's help desk right away if this happens to you.
What To Do If Your Password Has Been Stolen
Here are a few important steps you can take to protect yourself if you think your password has been compromised:
-
1. Change your password: Change the password of every other account that uses the same password.
2. Contact the affected companies: If you think accounts with banks, utilities or other companies have been compromised, call to notify them and keep a record of the call.
3. Inform your email contacts: Criminals might harvest your contacts so they can pretend to be you as they send your unsuspecting friends and family malware-infected links or scams.
4. Monitor your accounts: Review activity on your accounts, and consider ordering a copy of your credit report.
Conclusion
We hope that you've found this tutorial helpful and you've learned that just taking a few simple steps will help ensure that your password is protected.
