My mother is not the most technologically-adept person, but she loves to e-mail, share pictures, and send e-cards to everybody and anybody. She drives me nuts some days, and not just because she considers me the tech support. Her method of keeping track of her multiple account passwords is a Rolodex on which she writes usernames, passwords, and even credit card information. She then leaves it right next to the computer.
After a year of nagging her, I finally got her to keep the Rolodex somewhere else, though I’m still not happy with the setup. The security risk is obvious, and she’s not the only one who’s susceptible to it. Take RockYou, a Facebook third-party app maker that had user data listed in a completely unencrypted format and as a result lost 32 million e-mails and passwords.
Here’s the rub: a hacker might not care about being able to fiddle with your “Pieces of Flair” Facebook app, but if you’re like my mother, you don’t use different passwords for different accounts. You try to use the same one on everything, from Facebook to e-mail to your banking. A hacker simply has to run a script that tries your username and password against any number of likely websites to see if the same login information will gain them access.
On the flip side, the vast number of sites and programs for which we have to remember passwords, usernames, and login procedures is a real hindrance to most of us (particularly when focused on online reputation management). Luckily, there is a middle ground between security risk and productivity.
10 TECHNIQUES FOR PROTECTING YOUR PASSWORDS
- Add numb3r$ and $ymb0ls to a word you know. This is easier to remember, yet harder to crack.
- Have one base password and add a variable (i.e. the first and last letters of the site you are on). You’ll always know what it is, but it won’t be susceptible to common script attacks if one password is compromised.
- Have a frequently changing password? Boost your vocabulary at the same time by making it a word you don’t know (or other bit of trivia you want to learn).
- Size matters. A brute-force attack (trying all possible combos) can crack “darren” in 8.5 hours, compared to 22,875 years for “B33r&Mug”.
- KeePass (or another password-protected database). You can stick it on a USB drive or share it with Dropbox.
- Some sites deserve less attention than others. If you have online forums that you occasionally ask questions on, using the same password on a bunch of them isn’t a big deal. Just don’t use the same password on your banking.
- Change your passwords (along with your smoke detector batteries) when daylight saving time comes around.
- Use the first letter of each word in a lyric you remember. You’ll look weird singing to yourself, but these things happen.
- If you insist on writing passwords down, don’t write the full thing. Use technique number one and only write down the variable.
- DON’T SHARE PASSWORDS!!!! And when you do, change them as soon as possible. Someone you trust today may not be your friend tomorrow.
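The brute-force figures in the “Size matters” item can be reproduced with a short calculation. This is an added example, not part of the original article; the 10,000 guesses per second rate, the 96-symbol set and the small word list are assumptions, chosen because they match the page's numbers. It goes one step beyond the text by also checking whether a password reduces to dictionary words once common substitutions are undone, which exhaustive-search time does not account for.

```python
# Assumptions (not stated on the page): 10,000 guesses per second and a
# 96-symbol set once capitals, digits and punctuation are all possible.
GUESSES_PER_SECOND = 10_000
FULL_SET = 96

# Constructed sample word list; a real check would use a large dictionary.
WORDLIST = {"darren", "beer", "mug", "numbers", "symbols"}

# Common substitutions that are routinely undone before a dictionary lookup.
LEET = str.maketrans("0134578$@!", "oieastbsai")


def alphabet_size(password):
    """Smallest alphabet an exhaustive search must cover for this password."""
    if password.isdigit():
        return 10
    if password.isalpha() and password.islower():
        return 26
    if password.isalpha():
        return 52
    if password.isalnum():
        return 62
    return FULL_SET


def worst_case_seconds(password, rate=GUESSES_PER_SECOND):
    """Time to try every string of this length over that alphabet."""
    return alphabet_size(password) ** len(password) / rate


def dictionary_words(password, wordlist=WORDLIST):
    """Word-list entries left after undoing substitutions and splitting on symbols."""
    plain = password.translate(LEET).lower()
    parts = "".join(c if c.isalpha() else " " for c in plain).split()
    return [p for p in parts if p in wordlist]


if __name__ == "__main__":
    year = 365 * 24 * 3600
    for pw in ("darren", "B33r&Mug", "numb3r$"):
        secs = worst_case_seconds(pw)
        print(f"{pw!r}: {secs / 3600:,.1f} hours ({secs / year:,.1f} years) "
              f"exhaustive; dictionary words found: {dictionary_words(pw)}")
```

A password whose parts all appear in a word list after substitutions are undone is likely to fall well before the exhaustive-search time, so treat that figure as an upper bound.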
You don’t have to surf the web with JavaScript disabled and a 30-character-long hashed and memorized password to avoid the security vulnerability of “1234”. The very nature of online reputation management will require multiple accounts; security is invaluable in protecting this.


