Maybe a New Year’s resolution this year needs to be making your computer passwords more secure.
Passwords are the only thing between your personal information and someone who wants to steal it. So, what can be done to protect this information from hackers?
According to the Director of the Center for Information and Systems Assurance at K-State University, Eugene Vasserman, most people who get hacked aren’t specifically targeted: they simply get caught up in a larger data dump of account information – and unfortunately, their password just isn’t strong enough to survive being in the wrong place at the wrong time.
“These passwords are usually not leaked in plain form,” Vasserman explained. “They are leaked in a salted-hash form, which means you have to some work to break them.”
Vasserman says these aren’t necessarily targeted attacks, which means they just look through passwords to find the weaker ones.
“The weaker ones will fall within 48 hours,” Vasserman said. “And the stronger ones may never be cracked or it may take weeks.
“But,” he continued, “It is not a matter of whether you are being targeted: If your password is in the list of passwords, and it’s a simple one, someone will have it.”
So, how can you protect yourself? A good first step is to make sure your password is at least 16 characters – with a mixture of upper and lowercase letters, numbers and symbols. Also, don’t use the same passwords across multiple accounts. A password management system is useful for storing all your passwords. However, Vasserman doesn’t recommend using ones that store everything online.
“It makes it easier to synchronize,” Vasserman said. “Then again, some of them open up your individual passwords to the company that runs it. There are other systems that are not online that still allow you to synchronize. Those may be a better option.”
Of course, simply having strong passwords isn’t enough. All devices should also have the latest operating system, security updates, antivirus software and malware detection software.
If you think of passwords as being a set of keys, think of the computer system as the doors and locks: Having the keys won’t matter if what they're attached to isn't strong and secure.