On Monday night I attended a presentation on Internet safety for parents given by SWGfL (swgfl.org.uk). It was organised by my Grandson’s school in Meysey Hampton meyseyhampton.ik.org. The presentation was informative and they made good use of a real time voting system that allowed the presenter to display statistics about us as an audience as we voted or responded to multiple choice questions. As he had been doing something similar with the pupils that day he was able to compare the results with the polls conducted with the children. Very informative but more of that elsewhere. The thing that got me thinking was the old problem of passwords. He showed the personal information that was freely given by many people on social networking sites and then made the obvious link as to how easy it was, from this, to guess the passwords that most people use. As he went through the list, names of children/siblings/spouses, dates of birth etc. There was an audible groan in the audience, indicating that many of them were doing the same.
The problem is really simple in the making. The password is still by far the simplest and most common way of protecting resources. However people often end up having to remember lots of them and opt for something simple so they don’t forget them. The upshot of this is that many people protect their resources with passwords that can be guessed and run the risk of having their data stolen or changed.
If you are one of these many people taking risks with your data you can do two things to improve on this.
Use password management software. This doesn’t need to be complicated to use and need not cost anything. We use Password Safe from Bill Hess which can be found at pwsafe.org, it’s easy to use and free but I would urge you to make a small donation. Password Safe allows you to generate complex passwords and if you take a little time learning how to use it can make password and username entry very easy. There are also apps that work with Password Safe for your mobile phones. There is also a good guide by Bill on the dangers of reusing passwords here: pixelprivacy.com/resources/reusing-passwords/
The snag with this is with those sites where you frequently need to enter a password. Using something like Password Safe gets in the way. So some of your passwords need to be memorable and complex and here’s how to do it:-
Basically it’s a word game based on words, events and numbers which have special significance. Passwords should ALWAYS be a mix of letters and numbers, adding capitals and symbols is icing on the cake. These memorable words and numbers should NEVER be children’s or spouse’s names, dates of birth, postcodes or your mother’s maiden name. Aim to make the password at least 7 characters long. Examples are:-
- Say I left school in 1968 then add 1 to 9 to get 10 then create a password 196TeN8.
- Misspell a word and substitute numbers for letters that look similar such as H6ndyKap (was “Handicap” of course). Be careful with this, the misspelling is essential, substituting number for letters it a very well known trick and can be guessed quite quickly.
- Substitute symbols for letters or combination of letters ,oNLand (yes it starts with a comma to, sort of, give “common land”) or ParrR@s (“parrots”).
Once you get the hang of it, it is easy especially if you use some association that isn’t obvious. Let’s say your first bank account was taken out in Leicester then use a password like £estrF1st.
Hope this has given some fuel for thought. One last thing if you decide to use something like PasswordSafe then don’t forget to back it up regularly. This is of course a sneaky way of introducing you to our On Line Backup service (see MinervaSafe or OLB).
How to Make Passwords Work For You
On Monday night I attended a presentation on Internet safety for parents given by SWGfL (swgfl.org.uk). It was organised by my Grandson’s school in Meysey Hampton meyseyhampton.ik.org. The presentation was informative and they made good use of a real time voting system that allowed the presenter to display statistics about us as an audience as we voted or responded to multiple choice questions. As he had been doing something similar with the pupils that day he was able to compare the results with the polls conducted with the children. Very informative but more of that elsewhere. The thing that got me thinking was the old problem of passwords. He showed the personal information that was freely given by many people on social networking sites and then made the obvious link as to how easy it was, from this, to guess the passwords that most people use. As he went through the list, names of children/siblings/spouses, dates of birth etc. There was an audible groan in the audience, indicating that many of them were doing the same.
The problem is really simple in the making. The password is still by far the simplest and most common way of protecting resources. However people often end up having to remember lots of them and opt for something simple so they don’t forget them. The upshot of this is that many people protect their resources with passwords that can be guessed and run the risk of having their data stolen or changed.
If you are one of these many people taking risks with your data you can do two things to improve on this.
Use password management software. This doesn’t need to be complicated to use and need not cost anything. We use Password Safe from Bill Hess which can be found at pwsafe.org, it’s easy to use and free but I would urge you to make a small donation. Password Safe allows you to generate complex passwords and if you take a little time learning how to use it can make password and username entry very easy. There are also apps that work with Password Safe for your mobile phones. There is also a good guide by Bill on the dangers of reusing passwords here: pixelprivacy.com/resources/reusing-passwords/
The snag with this is with those sites where you frequently need to enter a password. Using something like Password Safe gets in the way. So some of your passwords need to be memorable and complex and here’s how to do it:-
Basically it’s a word game based on words, events and numbers which have special significance. Passwords should ALWAYS be a mix of letters and numbers, adding capitals and symbols is icing on the cake. These memorable words and numbers should NEVER be children’s or spouse’s names, dates of birth, postcodes or your mother’s maiden name. Aim to make the password at least 7 characters long. Examples are:-
Once you get the hang of it, it is easy especially if you use some association that isn’t obvious. Let’s say your first bank account was taken out in Leicester then use a password like £estrF1st.
Hope this has given some fuel for thought. One last thing if you decide to use something like PasswordSafe then don’t forget to back it up regularly. This is of course a sneaky way of introducing you to our On Line Backup service (see MinervaSafe or OLB).