The dos and don’ts of online passwords

21 Jan 2015

Following SplashData’s announcement of last year’s 25 worst passwords, here is how you should secure your online information.

Considering the number of global news stories about emails being hacked, bank details being compromised, and the private data of the public falling into the hands of cyber-criminals, it’s perhaps surprising that so many people still rely on poorly thought-out security protocols.

With passwords like ‘123456’ and ‘password’ dominating the landscape, security experts around the world – such as FireEye – are encouraging online consumers to wise up and take this seriously.

There are tools out there to help, too, allowing you to create different passwords for every single login you use without the worry of forgetting them. Having one password committed to memory won’t cut it. Most internet users log into numerous accounts online (such as Gmail, Facebook, Twitter, Instagram, Amazon, Adverts and Netflix), so vary it up.

A dangerous game

“Some people don’t think about passwords when they set them, they choose what is easy for them to remember, forgetting the dangers,” explained Tom Keating, senior director of engineering and MD of Ireland R&D operations with FireEye.

“They don’t realise how easy it is to guess or transverse through a dictionary or throughout the alphabet to arrive at the password through brute force,” he said.

Keating added it’s best not to use any words from a dictionary, a noun or even foreign words “as they can be cracked very easily”.

“A person should never put personal information in a password, like a date of birth, name of a child, place of birth, etc.”

Information like this is publicly available and, if a hacker is keen enough (they often are), it’s quite easy to find out these details and work out passwords accordingly.

Elaborate, lengthy and unique

“The best passwords are ones that are long (10 characters or more), have at least one special character (!@#$%^&*()_+), one capital letter, one alt character (such as £ or Æ) and one number, for example !HTYdfÆ65!”
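The criteria in the quote above, combined with the earlier advice against dictionary words and personal details, can be expressed as a check. This is an added example, not code from FireEye or the original article; the word list, the sample inputs and the reading of "alt character" as any printable non-ASCII character are assumptions.

```python
# Special characters exactly as listed in the quoted advice.
SPECIALS = set("!@#$%^&*()_+")

# Constructed sample list; a real check would load a full dictionary.
SAMPLE_WORDS = {"password", "dragon", "monkey", "football", "bonjour"}


def normalise(text):
    """Lower-case and keep only letters and digits, so 'Pass-Word' matches 'password'."""
    return "".join(c for c in text.casefold() if c.isalnum())


def check_password(password, personal_details=(), words=SAMPLE_WORDS):
    """Return the list of rules from the article that `password` breaks."""
    problems = []
    if len(password) < 10:
        problems.append("shorter than 10 characters")
    if not any(c in SPECIALS for c in password):
        problems.append("no special character")
    if not any(c.isupper() for c in password):
        problems.append("no capital letter")
    if not any(c.isdigit() for c in password):
        problems.append("no number")
    # Assumption: "alt character" means a printable non-ASCII character (£, Æ).
    if not any(ord(c) > 127 and c.isprintable() for c in password):
        problems.append("no alt character")

    flat = normalise(password)
    if any(word in flat for word in words):
        problems.append("contains a dictionary word")
    # Dates are compared digits-only, so 21/03/1984 also matches 21031984.
    details = [normalise(d) for d in personal_details]
    if any(len(d) >= 3 and d in flat for d in details):
        problems.append("contains personal information")
    return problems


if __name__ == "__main__":
    # Constructed sample inputs; the first is the example from the quote.
    print(check_password("!HTYdfÆ65!"))
    print(check_password("123456"))
    print(check_password("Aoife£21031984!", ["Aoife", "21/03/1984"]))
```
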

Indeed, personal security and manual encryption, which is essentially what passwords are, are a growing concern in this connected world.

A recently released European Commission report, for example, cited stronger security protocols to deal with the emergence of mobile health – the use of smartphones for things such as health information, appointment details and the like. But you can’t always rely on others to protect your information; you also have to set your own barriers, with strong passwords being key to this.

“All that said, there’s no point in going to all that trouble and then writing down the password – never put it on a Post-it!” said Keating. “If a person needs to write a password down they need to store it in a very safe place.”


Gordon Hunt was a journalist with Silicon Republic
