Passwords and online security

This week’s blog is all about passwords, with some advice on how to keep your online accounts safe.

Use unique passwords: One of the most important things is to use a different password for each of your online accounts. Then if one password is compromised, it only affects one online account, instead of opening up all your online accounts to the criminals. It’s all about damage limitation.

Don’t use pets’ or family members’ names: Often hackers will try to break passwords using a brute force attack. A brute force attack is where a script or program is used to repeatedly try logging onto your account, usually multiple times a second, with a whole series of different passwords. They will start with passwords that include words specific to you (if you are known to them), maybe a pet’s or family member’s name. They will try adding a number to the end of that word. A password like “Rover9” isn’t going to take long for the hackers to work out. It’s also best to avoid words in the dictionary, as that’s a common source for hackers to use in a brute force password attack.

Make passwords as random as possible: The best passwords are made up from a completely random string of upper case letters, lower case letters, numbers, and special characters. But that’s usually very difficult for us to remember. One solution is to use password manager software to help you store these random passwords. Or you could write them down in a notebook, but do make sure that notebook is always kept safe. Password manager software is the better option.

Paste passwords rather than type them: Another common trick used by the criminals is to secretly install keystroke logging software to capture your passwords. The easiest way to protect yourself from this threat is to use the paste feature found in most password managers. Then you are never actually typing your passwords, just copying and pasting them from your password manager software. This technique also thwarts “shoulder surfing” to gather passwords.

Two-factor authentication: Also, if two-factor authentication is available, use it. This can take the form of a dongle (like the online banking ones), or sometimes a code is texted to a pre-arranged mobile number for you to enter with your logon username and password.

I hope this short blog has given you some ideas on how to keep your online accounts safe.

Chris Moody

ASL Computer Services