Hackers have sophisticated tools that are freely available on the Internet that can break simple passwords, like your cats name, 1234, or anything simple, in approximately 10 minutes. So all of you need to re-think how you create passwords. All your systems that use password access need to have a good complicated password.
I can hear all of you greenhorns out there moaning and saying “my simple password is so easy to remember, and I use it for everything. This makes my life so much simpler.” Well the hackers are laughing at you, because it makes their life so much simpler too!
Yes, I know there are computer programs that claim to safely sort all your passwords on your computer for easy access, but truthfully, you can't rely on them not to be hacked. The hackers see them as a little honey pot of all your passwords, with every thing in one place. It just saves them a lot of work. Never store password information on your computer, and change passwords regularly.
It is very important that you create complex passwords for everything, banking, Internet accounts, Broadband/wireless Modem, and Internet Game site access, etc., that contain some upper case letters, numbers, and where possible, characters like #, &, or similar. Unfortunately, some password creation systems will not allow you to use characters like #, &, or similar, in the password. If they don't, then use a complicated mixture of upper case, and lower case letters and numbers.
It should be at least 12 characters long. Why? Because hacker's have sophisticated password cracking tools, that can break the average dictionary word based password, with a few numbers thrown in, in a few minutes! The longer the complicated password, the harder it is to crack.
I know some people who have changed banks simply because the bank web site wouldn't allow them to create a complex password using characters like #,>, &, etc. For those of you scratching your head right now thinking how am I going to create all these super passwords, here is a free tool you can use. It is an Ultra High Security Passwords Generator, kindly provided by Steve Gibson of Gibson Research Corporation.
https://www.grc.com/passwords.htm
Use the second row, the 63 random printable ASCII characters row for general password creation. For those of your ready to panic, you don't need to use all 63 characters for each password just 12 or more characters, randomly selected from those shown. (For those of you using Linux, use this tool to create a really good admin root password.)
If this bit stressed you, read this Free Book on Stress Management.
The facts are that most computer users are way out classed. The crime gangs are employing some of the best computer minds in the world, and paying them good money to create more ingenious and sophisticated hacks. So everyone using a computer needs to get their act together, and stop thinking that your computer is a communication and entertainment tool, and realize that it is continually under sophisticated attack, and you need to raise your understanding of computer security, and defend yourself.
I am constantly hearing of personal bank accounts being pilfered. In some cases the banks have refused to reimburse the amount lost. The American stats for 2007 were 3.83 million Americans lost an average US$1500 each from their bank accounts through bank pilfering. Now that all adds up to a lot of money!
A month ago the criminal Internet economy was estimated to be making $150 billion dollars annually worldwide. It is now making more money than the north American drug trade. So they have a lot of money to re-invest in research and development.
It is not much use going to all the trouble of creating wonderful complicated passwords if your computer is already hacked. Because hackers will have it as soon as you type it. (The statistic show 25% or more of you reading this articles are hacked already.) So get yourself up to speed, and read my previous blogs that outline how to secure your system, and keep it safe, plus use the suggested tools to check to make sure your system is clean.
© 2008 Peter Daley
Disclaimer: This is an amateur volunteer run service. Human error can provide incorrect information, and equipment malfunction can produce false readings. Do not rely on, or take action upon information presented on this web site or at SCCC activities, without further research. Views expressed in the pages, images, or tutorials on the SCCC Inc., web site or presented at venues, maybe the personal opinions of the relevant writers or presenters, and are not necessarily representative of those of SCCC Inc.
I’ve seen similar rtoreictisns but still consider the security sufficient ifa) you have some random login number that you write downb) your account gets blocked after 3 tries.If the login number was your account number it could be used for denial of service, so I prefer a random number.Of course someone could still steal your hashed password from the bank and brute-force it which is easier for simple password.But then this is not much easier than installing a trojan, staging a man in the middle attack or sniff your password by other means.