Tech Tips
SPONSORED BY THE COMPUTER CLUB
One of the safest things a computer user can do is create a strong password. The most common error tech users make is creating obvious or minimal passwords like “123456,” “password,” your birthday, phone numbers, etc. These are simple passwords or publicly available information that hackers can easily access.
The next biggest mistake is to reuse the same password on more than one website. Hackers always try out passwords that have been exposed by company or website data breaches.
Hackers look for password patterns. Substituting a “1” for the letter I, a “$” for the letter S, or a zero for a capital letter O, might prevent the average person from guessing your password, but that won’t stop a hacker.
How to create strong passwords you can remember Here’s a hint for tech users: The longer the password the better. A strong character-based password should be at least 16 characters. But instead of trying to remember a long character-based password, use a phrase with four or more words that will be easy for you to remember. Many websites require upper – and lower-case letters, numbers and symbols, so you’ll need to include them. Here is an example: “I_Love-Living@1591_in_Rossmoor.” Or, if you want to try something a bit more complex, “save*ME*100’s-Ofbuck$.”
If you don’t have stand-alone password management software (see below for more information about this type of software), remember to write your passwords down in a notebook or on an index card. Include the website, user name, password and any security questions and answers you might have been asked to select for later password recovery. (Commonly known as “Security Questions.”) To provide additional security, try using cryptic descriptions instead of actual website names when you write down your password information, such as using “mattress” instead of Bank of America or “store” instead of Amazon.com. Don’t keep your passwords written on your computer or mobile device.
The pros and cons of letting your web browser remember your user ID and passwords Current web browsers have features to remember passwords you enter, and some also offer to create long, random passwords. They store the information encrypted in the cloud and synchronize it in the same browser on your different devices, making it easy to use all of your passwords across your devices. The best use of browser password management is for non-financial services, like storing your library card number and personal identification number (PIN), or your user name and password for an online club newsletter. However, you should avoid using your browser’s password manager to access financial accounts or making financial transactions.
There are two reasons not to let your browser store your passwords.If your computer or mobile device is ever lost or stolen, and the thief manages to log in to the device, they will have immediate and complete access to passwords stored on it and can access any online account. Also, should a hacker ever take control of your computer remotely over the Internet, they will have immediate and complete access to your online accounts, including your online financial accounts, medical information and other passwords that have been stored on the browser.
Stand-alone password manager software is more versatile and secure Examples of stand-alone password managers include: 1Password, Dashlane, KeePass, Keeper, Last-Pass and Norton. You already have free access to the Norton stand-alone password manager software because your Rossmoor cable TV and internet service is from Xfinity (Comcast). You can download it from Xfinity (www.tinyurl.com/xfin-norton) to your computer or mobile device, and can synchronize across many different browsers and devices. You only need to remember one master password. The software can then generate long, random-character passwords and remember them for you. As a result, you end up with an easy-to-use, strong password that can be changed easily whenever there is a data breach that affects any company or website you may have used.
The software remembers all of your passwords, security question answers, and any other information you want to keep secure but need to access quickly. You can store non-password related data on the software, such as images of scanned documents like your passport or the contents of your wallet, including credit cards and driver’s license in case you lose them.
For more information, read Washington Post technology columnist Geoffrey A. Fowler’s excellent column that explains why you should use a stand-alone password manager: www.tinyurl.com/fowler-pwm
Part 2 of “Creating strong passwords” will run next month. Have a tech question or want to see an archive of previous Tech Tips columns? Go to the Computer Club website www.caccor.com, and click on the LINKS menu choice at the top-right of the page.
