Article By: Rich Silva – Founder – Pain Point IT Solutions, Inc.
Every now and then we all need to press the proverbial reset button and start getting back to the basics of security.
Your Password is the KEY to the door
I know most of you realize this. A person who has your password is the virtual equivalent to the person who found your car keys. Yet, in my travels, I still see some very bad habits out there being perpetuated and I would like to take the opportunity in this weeks letter to tell you some of the common bad habits I see and possible ways for you to avoid doing them yourselves. Most of this is common sense, but every once in a while we enter a comfort zone and common sense is sacrificed.
1) Do not leave your password written on a piece of paper anywhere around your computer monitor, keyboard, mouse, or top desk drawer.
2) Do not answer the employee, or computer technician who asks you from across the room if you know the password to a certain machine. Get off your ass, walk over to the person asking and either type it in for them or tell them quietly.
3) If you forget your password to a web-site or service, use their "forgot password?" link to recover it. Know that the most secure way to accomplish this is that they will send an e-mail to your registered e-mail address for you to confirm. Any web-site or service that asks for personal information to recover a password should put your guard up.
4) DO NOT USE THE SAME PASSWORD on multiple sites. I understand there is a convenience of only needing to remember one. However, this is the equivalent of a skeleton key or silver bullet to a bad person. Keep in mind any system administrator can recover your password on their system. It won't be to difficult for them to try it on a couple of common banking sites and get into your account.
5) If given the option to "REMEMBER ME?", don't. Just type your password again the next time. You never know at your place of business who will end up with your computer when you leave, or get an upgrade and your current computer becomes a hand-me-down.
Suggestions for Better Password Management
1) If you must write your passwords down, do so in an inconspicuous manner on a page in a notepad that you keep buried somewhere in a desk drawer, or better yet in a safe.
2) Take the low road when people ask you out loud for your password. Always interrogate the person who is asking you to make sure they are trustworthy. If you use the password you are giving them for other locations; keep in mind that you may have just given them your password to other things. When possible, type in the password for them and ask that they look away.
3) Create a password protected MS-Word file where you store all of your passwords. Make sure that file is on a backup schedule to be archived once a day.
4) DO NOT USE passwords ANYWHERE that an idiot would put on their luggage (Thank you Mel Brooks). 12345, password, admin, or your username are just asking for trouble.
5) This one is not very practical for many people, but try and change your passwords every 3-6 months. Especially on your financial and banking sites.
The Bottom Line
They say that the eyes are the window to your soul. Well your password is the key to your privacy and data. You wouldn't leave your keys next to your car door, don't leave your password next to your computer. Be vigilant out there.