Tuesday, August 4, 2015

The Password Is: Ch@nge_1t!





















Passwords can be a real pain…if you’re doing them right. The easy ones that are effortless to key in are the ones that leave you – and your information – most vulnerable.


Hackers get into accounts for many reasons: identity or information theft, financial gain, to learn confidential information, or just because they can. Your password can make this a cakewalk for hackers, or it can make it more trouble for them than it’s worth. There’s even an online calculator that figures out how long it would take a hacker to break your password (because of course there is). My go-to password could be hacked in 1 month, 25 days max.


Photo of Steve Carell as Brick in Anchorman with the text, "I changed my password to "incorrect". So whenever I forget what it is the computer will say "Your password is incorrect."
Not funny, Brick.
Okay, maybe it's a little funny.

We at Brockett Creative Group advise the following to keep your passwords secure:
  • Choose a website host that is equipped to withstand hacker attacks. BCG's subsidiary tSpark was the victim of a hacker assault earlier this year, but was able to handily withstand it, leaving our clients unaffected. 
  • Change passwords if a personal or professional relationship ends. Maybe the individual who was terminated didn't get passwords, but maybe he or she did. You don't want to find out that they did by suddenly finding your personal or work life in complete chaos.
  • Mix it up: don't simply change the number at the end of your existing password from a "1" to a "2." Think of something you'll remember, and play with it by removing letters so it's not a complete word, using numbers or symbols in place of certain letters, adding random capital letters, or playing with syntax (high five, anagram fans, for this is your time to shine).
  • The longer the password, the better. It will take longer for the hackers' programs to break your password, making it likelier that they'll move on to another victim. It takes more time to key in, but it's worth the extra seconds.
  • Use different a different password for each of your online accounts. This is my least favorite because a) I can't argue with it even though I want to, since it makes complete sense, and b) because thinking up new passwords for every login costs me valuable Netflix time. Unfortunately, like filing taxes, you could face consequences if you don't do it. There is a silver lining, as you can use a password manager to store all of the strong, unique passwords that you've abandoned Netflix to craft. You will only need to remember the master password, and the manager will provide the individual password to its matching website login. BOOM - your binge watching plans are back on!
  • If you have access to highly sensitive information - such as others' social security numbers or bank account information - you may be required to change your password often. Some IT departments have automatic and mandatory password resets quarterly. While this used to be the standard in password security, the current thinking is that it isn't effective, as hackers will not lurk and observe for weeks or months before they strike. It's also not that easy to come up with several strong, unique passwords multiple times in a year, so as time passes your passwords get weaker and easier to crack. This method would be most effective in a case where the person (probably known to you) who got ahold of your password is snooping and surreptitiously viewing your personal information and communications.
  • Change passwords as soon as you become aware of a potential compromise. Security compromises happen in many ways: a breach at a financial institution (remember the Target debacle?), an encryption flaw such as 2014's Heartbleed, or an email or phishing scam. Even if initial reports are that there may have been a breach, don't take any chances - change your passwords. If it turns out that there was no breach, no harm was done and if there was, you've gotten a little ahead of the game.
If you'd like to learn more about tSpark hosting and its security measures, email us, or call the office at 315-797-5088.

A photo of a boxer dog laying on a couch, with the caption, "Someone figured out my password, now I have to rename my dog."
Not funny, doggie.
Okay, maybe it's a little funny.