Identity theft and online account security is a popular discussion amongst users of mobile devices. It’s a hot topic because computer hackers are constantly finding new ways to scam the everyday user. As technology continues to grow, the potential for security risks online will also increase. Just last week, many consumer sites announced the discovery of a serious security flaw called the “Heartbleed bug” affecting the website encryption software protecting the sensitive personal data of millions of web consumers. According to Mashable.com, companies with popular sites such as Google, Facebook, Instagram, LinkedIn, Pinterest, Tumblr, Twitter, and Yahoo acknowledged the Heartbleed bug last week, and issued a security patch to fix it. (The same article also lists these sites as potential Heartbleed victims: Etsy, GoDaddy, Flickr, Netflix, Soundcloud, Dropbox, OKcupid, Wikipedia and Youtube.) The affected companies urged users to change their passwords immediately in order to remain secure on their sites. Heritage also encourages users to change their online passwords regularly in order to protect sensitive personal information. Whether on a laptop, tablet, or mobile phone, the first line of defense against hackers and other potential security risks is a strong password.
In their post, “Tips for creating strong passwords and passphrases,” Microsoft says a strong password is a code that has 8 characters or more and contains both uppercase and lowercase letters, a numerical character, and a symbol. It is best to avoid using your username, real name, company name or other publicly available information in your code. Unfortunately, hackers have all the tools on their side to help crack your code. To develop a strong password, first make sure it does not contain a word from the dictionary. If you use an English word for your password, Microsoft suggests substituting numerical characters for some letters in the word to meet the strong password criteria. In their example, Microsoft says the password “Hello2U!” meets all the criteria of a strong password but would still be considered weak because it contains a complete word. A stronger alternative password suggestion is “H3ll0 2 U!” because it breaks up the real word with numbers and spaces.
There are many methods for developing a strong password, but at Heritage, we prefer to develop a strong passphrase instead. A passphrase is just a series of words that create a phrase the user can remember easily. According to Microsoft, a strong passphrase contains at least 20-30 characters, and does not contain common phrases found in literature or music, like song lyrics or a line of poetry. As with passwords, it is more secure if the passphrase does not contain your username, real name, company name, any repeats of prior passwords, or personal information that is publicly available. The long phrase creates a more complex code to help protect the user’s sensitive information.
Another challenge to users is the amount of passwords individuals are expected to remember for different apps, websites, personal online accounts, business account access, and sometimes also school account access. It is not recommended to store sensitive information on your mobile device, so how does one record that information for reference while still maintaining separate passwords for security purposes? In our next post, “Mobile Security, Part II: Managing your passwords securely,” the experts at Heritage discuss safe ways to store your log in information.
By: Lacey Rickert, Marketing Director, HCCS, Inc.