On a weekly basis, I find myself helping someone out whose email account has been hacked. I always end up showing them a good method for creating strong passwords that will go a long way towards ensuring it will not happen again.
Hacking of accounts happens a whole lot more than you may think. Email accounts are hacked a few different ways. One, you are using a weak password that is easily cracked. I have seen people use passwords, such as their last name, the street number of their house, or even their cell phone numbers for a password. Criminals have software programs designed to guess passwords. The weaker your password is, the easier it is for the software programs to find out what it is. Two, passwords are compromised when an email provider’s site itself is hacked and account information, including passwords, are stolen.
The above scenarios are true for an account you have with an internet login, such as a credit card or a bank. It is imperative to make sure you do your part to keep your password as secure as possible.
Who are the Hackers?
First, lets talk about who the criminals are who are trying to gain access to your accounts. Most of the criminals are from organized crime, and originate from Eastern Europe. You may say that you just don’t have enough money for anyone to bother stealing. However, when the criminals can easily hack thousands of accounts and get a few hundred dollars from each one, you are talking about big money. Money that is used to fund the illegal activities of organized crime.
Creating Strong Passwords is Easier than you Think
Now lets talk about how to keep your accounts as safe as you possibly can, by creating strong passwords. You have all heard the saying that you should never use the same password for all of your accounts. I am here to tell you that is true. However, there are ways to use a different password for each account, and remember them. In addition, you should make sure your password is a strong password. Just what is a “strong password”? A strong password has the following characteristics:
1. It is a least 8 characters long.
2. It is not a word that can be found in a dictionary.
3. It does not contain your user name, legal name, or company name.
4. It contains one of each of these groups: Upper case letters, lower case letters, numbers, special characters.
With all of this said, how can you create strong passwords that are easy to remember, and different for each website you use? Follow these simple guidelines:
1. Make a phrase into a password. For instance, I love to golf. So I could easily use the phrase “I love golf” as a base for all my passwords.
2. Now that I have the base of ilovegolf, I can start to change it up a bit. I can add a capital letter, a number, and a special character. so the phrase of ilovegolf now turns into 1Lovego!f. I replaced the I with a 1, the L is capatalized, and the l in golf is now an !.
3. But we are not done. We now need to make this password unique for each website we log into. I would do that by tagging the first 3 or 4 characters of the website name to the end of the password. For instance, if I were creating a password for www.amazon.com, I would make it 1Lovego!fama. For Facebook, I would make it 1Lovego!ffac. This should be easy to remember.
4. For good measure, you might want to use a special character at the end. Maybe tack a dollar sign or an asterisk at the end of the password.
The above method of creating strong passwords will make your password easy to remember, and it gives you the security of using a different password for each website you log into. For those websites that require you to change your password every so often, try not to fall into the trap of simply changing one character of the password. Instead, have a second phrase you could use instead. Most websites do not require password changes on a regular basis, but if they do be prepared with a few extra phrases you can use when you need to change your password.
Above all else, create your secure password policy now, before you get hacked and are forced to be reactive!