Published by Javier Merchan, May 2nd 2010

Remember a film called Home Alone where a young boy called Kevin is left at home by mistake while his family goes on a Christmas vacation to Paris?

And what’s this got to do with support or IT? Nothing really, it’s just that I keep on forgetting things, mostly my passwords. It must be because I’m getting old.

The number of passwords we use for specific applications is increasing: work computer, personal computer, Gmail mailbox, Twitter, Facebook… not to mention telephone and credit card PINs.  If I don’t even know my home number (as I never call home), how can I be expected to remember all the passwords I use? Being highly intelligent, I decided to use the same password for most of my applications to avoid forgetting it.

Is that really a smart move? No, it isn’t; it’s a very common error. We don’t consider passwords to be important. It’s like using a single key for your car, house, office, bank… Imagine you leave it at home by mistake or it falls out of your pocket.

Even if you have a strong password, someone could get hold of it (please tear up the post-it note next to your PC which includes your password and dispose of it in several bins) using Trojans, phishing and other malicious methods. However, I’ll leave it to my colleagues in PandaLabs to explain that in another post.

Most browsers store the passwords you use so you don’t have to remember them every time you access an application like Facebook or Twitter. But is this safe? If you always use your own computer, this may not be that dangerous, but if you share the computer you could be in for a surprise.

A few days ago, a friend told me over Facebook that after being married to his wife for many years, he wanted to break up with her. He had fallen in love with a work colleague and was going to leave everything in order to be with her. You can imagine the reaction on Facebook: his family (mainly his in-laws) asking for explanations, work colleagues under suspicion for breaking up the family, lost friends… and all because he accessed Facebook from a computer at an IT trade fair and forgot to close the session. Someone had used the same computer, gone into Facebook with his profile and passed himself off as my friend. It wasn’t easy explaining the situation, especially to his wife!

Passwords are keys to access applications, and their importance is grossly underestimated. Everyone has, at one time or another, created passwords using their name and birth date (john1974) or the name of their loved ones. This is a mistake: it’s like giving away your keys and asking people to enter your home or steal your car.

Here are a few tips to create and use strong passwords:

  • Combine alphanumeric characters to create your passwords, and create different passwords for email, social networks, etc.  The more complex, the more difficult to copy.
  • Size does matter: the longer the password, the stronger it will be.
  • Do not use your name and phone number (john2124561234), easy passwords (123456) or your pet’s name, as this information could be (although it shouldn’t) on social networks such as Facebook.
  • Use all sorts of characters: ‘@’ instead of ‘a’, ‘I’ instead of ‘i’…
  • Use words or sentences that are easy to remember but difficult to guess.
  • Do not reveal your passwords or send them via email.
  • Change your passwords frequently. Passwords are like toothbrushes: no one should use yours, and you should change it regularly.
  • Do not enter passwords on shared computers.
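
The tips above can be turned into an automated check. The following is an added example, not part of the original post: the function name `audit`, the 12-character minimum, the short list of easy passwords and the substitution table are all assumptions chosen for illustration.

```python
import re

# Constructed sample of "easy" passwords; a real audit would load a larger list.
COMMON = {"123456", "password", "qwerty", "111111", "abc123"}
# '@' for 'a' comes from the tips; the other swaps are assumed common ones.
LEET = str.maketrans({"@": "a", "0": "o", "1": "i", "3": "e", "$": "s", "!": "i"})
MIN_LENGTH = 12  # assumed threshold; the post only says longer is stronger


def normalize(text):
    """Lower-case and undo simple character swaps so 'J0hn' matches 'john'."""
    return text.lower().translate(LEET)


def audit(password, personal=(), other_passwords=()):
    """Return the list of tips that the candidate password breaks."""
    problems = []
    plain = normalize(password)
    if len(password) < MIN_LENGTH:
        problems.append("too short")
    if password.lower() in COMMON or plain in COMMON:
        problems.append("easy password")
    # Names, phone numbers, pet names, birth years: anything visible on a profile.
    # Comparing normalized forms means a swapped character alone does not hide them.
    for item in personal:
        if len(item) >= 3 and normalize(item) in plain:
            problems.append(f"contains personal detail '{item}'")
    classes = [r"[a-z]", r"[A-Z]", r"\d", r"[^A-Za-z0-9]"]
    if sum(bool(re.search(c, password)) for c in classes) < 3:
        problems.append("too few character types")
    if password in other_passwords:
        problems.append("reused on another account")
    return problems


if __name__ == "__main__":
    # Constructed candidates, including the weak examples quoted in the post.
    for candidate in ("john1974", "123456", "J0hn!1974", "Purple-Tractor-eats-42-plums"):
        print(candidate, "->", audit(candidate, personal=("John", "1974")) or "ok")
```
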

The best advice is to use common sense. The theory is simple, but I hardly ever put it into practice. As the saying goes, do what I say, not what I do. This post will at least be useful for realizing that what I usually do is not right.

==============================================================================

I have been working at Panda Security since 2001 and I am the PR Coordinator. This may sound strange, but it consists of working with our offices worldwide to coordinate PR and Communication actions. I love sports (lately I prefer to watch rather than take part), reading and good movies… This is subjective, as some people may consider Rambo a good movie, and others may like French movies where the main characters look at each other through a window while the rain is pouring down it. You can contact me at http://twitter.com/javiermerchan or josejavier.merchan@pandasecurity.com