If you're like me, you have a small number of passwords you use on your various sites: bank accounts, email accounts, credit cards, blogs, etc. And while I worry sometimes about the security of my accounts, I also find it aggravating to have numerous passwords to remember. However, here's a very interesting article on how hackers can hack into your passwords.
My son works for Microsoft and says the best protection against having your passwords hacked is to employ "good password standards." For example:
- Don't use a single word - multiple words are better.
- Use multiple "character types" - upper case, lower case, number, or symbol - in your password. Microsoft requires three character types.
- Have a minimum password length. Microsoft sets theirs to 7 or 8; I would set it to longer personally.
- Make your passwords expire: that way there's a limited window of opportunity that hackers can use your password before they're required to steal it again.
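The four rules above can be checked mechanically. The following is an added example, not part of the original post or any Microsoft code; the function names, the 90-day expiry period and the word-counting heuristic are assumptions, since the post gives none of them.

```python
import re
from datetime import date

MIN_LENGTH = 8        # the post cites a minimum of "7 or 8"
MIN_CHAR_TYPES = 3    # three of: upper case, lower case, number, symbol
MAX_AGE_DAYS = 90     # assumption: the post does not give an expiry period
MIN_WORDS = 2         # "multiple words are better"


def char_types(password):
    """Return which of the four character types appear in the password."""
    found = set()
    for ch in password:
        if ch.isupper():
            found.add("upper")
        elif ch.islower():
            found.add("lower")
        elif ch.isdigit():
            found.add("number")
        else:
            found.add("symbol")
    return found


def word_count(password):
    """Heuristic (assumption): count letter runs of 3+ characters,
    splitting on non-letters and on lower-to-upper case changes."""
    runs = re.findall(r"[A-Z]?[a-z]+|[A-Z]+", password)
    return sum(1 for run in runs if len(run) >= 3)


def check_password(password, last_changed, today):
    """Return the list of rules the password fails (empty list = passes)."""
    failures = []
    if len(password) < MIN_LENGTH:
        failures.append("too_short")
    if len(char_types(password)) < MIN_CHAR_TYPES:
        failures.append("too_few_char_types")
    if word_count(password) < MIN_WORDS:
        failures.append("single_word")
    if (today - last_changed).days > MAX_AGE_DAYS:
        failures.append("expired")
    return failures


if __name__ == "__main__":
    today = date(2013, 4, 9)  # constructed sample dates and passwords
    for pw, changed in [("password", date(2013, 4, 1)),
                        ("Blue-Kettle7", date(2013, 1, 1))]:
        print(pw, check_password(pw, changed, today))
```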
Hi Dr. Kirk,
Excellent points that are right on the money, especially regarding password strength. Those "strong" passwords can be difficult to remember. So, I have a resource:
I've taught my tech students about a service called LASTPASS. It's an encrypted password "vault" that allows for password management remotely, through the use of a highly encrypted master password - the only one that needs to be remembered.
Several of my software development contacts have also evaluated and used it, similarly recommending it.
For anyone interested: http://lastpass.com
Posted by: Jason Hamilton, CPP | April 09, 2013 at 12:37 PM
Jason, thanks for the recommendation. I use lastpass myself and it's a great tool!
Posted by: Dr. Delaney Kirk | April 09, 2013 at 12:53 PM