Forum: Community Center


Subject: How can I protect my account?

Afrodite-Ohki opened this issue on Mar 23, 2010 · 13 posts


CaptainJack1 posted Tue, 23 March 2010 at 8:53 PM

One of the best things you can do is to make sure and use what are called "strong passwords". When you put a password on your account, try to do these things with it:

  1. Make it seven or 14 characters long, 14 being much better. Making the length a multiple of seven makes some cracking algorithms perform much less efficiently.

  2. Use a combination of upper case letters, lower case letters, numbers, and punctuation. Specifically, have at least one of the second through sixth characters be a symbol (again, makes it much harder for hacking).

  3. Do not use any information about you in any part of the password, even if you write it backwards or use some other way of writing it. Don't use your name, birthday, place of employment, or any such information about your family or friends.

  4. Generally, try to avoid using common words by themselves. It may help to remember a longer password by running two or three short words together. Capitalize every second or third letter, replace the letter "e" with a "3" or other such change. For example, "$Ca2.uP_a/tRee" might be easy to remember, because it's based on the phrase "cat up a tree" but doesn't have anything to do with you.

  5. Change your passwords frequently. Do it as often as you need to feel better, but at least every six months.

  6. Never use the same password for any other location. This can be a real pain, but if you use the same password over and over again at every web site you use, and a hacker gets one of them, he's got them all.

  7. If the web site offers a "security phrase", do not give real information. For example, if the security phrase for your account is "What is the name of your first pet", say something like "BobbyDobby" (unless it really was).

  8. Never, never, never, ever, write your passwords down, or keep them in a file on your computer. If you forget a password, get the web site to mail it to you using whatever method they have. Then change it immediately. Same thing goes for your security hints.

  9. Do not give your passwords to anyone, ever. Even if you're on the phone and you're sure that you're dealing with the real company, they don't need to know your passwords or security hints.

  10. If you're talking to someone, even someone you know well, don't talk about your passwords. If someone is telling you all their passwords or their "I got hacked" sob stories and they tell you how they always use mom's birthday backwards, resist the temptation to be sympathetic and say, "Yeah, I do something like that, too." I mean, be sympathetic all you want, but don't give out your password strategies. Even a friend may repeat it to someone else that they don't know is fishing for your stuff.

I do software development for a company that keeps confidential medical data, and we use password techniques similar to those (plus a couple of others... a fella has to have a few secrets...)

😄
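The mechanical checks from points 1 to 3 of the post above, written out as an added example; this is not the poster's code or any site's actual password policy. The function name, the look-alike substitution table and the personal-info list passed in are assumptions made for the illustration.

```python
import string

# Look-alike substitutions undone before comparing (assumed mapping, not from the post).
LEET = str.maketrans("013457@$!", "oieastasi")

def normalize(text):
    """Lower-case, undo look-alike substitutions, keep letters and digits only."""
    return "".join(c for c in text.lower().translate(LEET) if c.isalnum())

def check_password(password, personal_info):
    """Return the list of problems found against points 1-3 of the post."""
    problems = []
    # Point 1: seven or 14 characters long.
    if len(password) not in (7, 14):
        problems.append("length is not 7 or 14")
    # Point 2: upper case, lower case, numbers and punctuation all present.
    classes = {
        "upper case": string.ascii_uppercase,
        "lower case": string.ascii_lowercase,
        "number": string.digits,
        "punctuation": string.punctuation,
    }
    for name, chars in classes.items():
        if not any(c in chars for c in password):
            problems.append("no " + name + " character")
    # Point 2: a symbol among the second through sixth characters.
    if not any(c in string.punctuation for c in password[1:6]):
        problems.append("no symbol in characters 2-6")
    # Point 3: no personal information, written forwards or backwards.
    flat = normalize(password)
    for item in personal_info:
        token = normalize(item)
        if len(token) >= 3 and (token in flat or token[::-1] in flat):
            problems.append("contains personal info: " + item)
    return problems
```

Calling `check_password("$Ca2.uP_a/tRee", ["Maria", "Rex"])` with the post's own sample password and a constructed personal-info list returns an empty list.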