Tech Talk

Protecting Your Online Identities

Posted on March 19 2012 by Adam Erstelle

Focusing on PasswordsThe internet is a wonderful place with many resources available to us. As more and more of our lives become entangled in the digital world it is increasingly more important that we are conscious of the dangers and actively work to protect our online identities. What can we do to protect ourselves?

Usernames & Passwords are the keys to the online world

Almost every website that you visit will allow you to register and log in. Once logged in, often you have access to more information and you can customize your online experience. Depending on the website you may have access to make changes to things in the physical world such as the funds in your bank account, cellular features, online purchases and more. Often these websites ask you for a user name and password so that they can verify who you are.

When you are registering for a new website it is important to choose a password that is secure. To create a secure password you should try to use both upper and lowercase letters, numbers, symbols and avoid using words that can be found in a dictionary (even with letter substituted for numbers or symbols). Passwords can be cracked very quickly, to demonstrate here are a few examples of a password that is only 8 characters long and an indication of how long it takes to crack:

  • Only numbers: Cracked Instantly
  • Either upper or lower case letters (not both): 3.5 minutes
  • Either upper or lower case letters and numbers: 1 hour
  • Mixed upper and lower case letters with numbers: 60 hours
  • Mixed upper and lower case with common symbols: 34 days
  • Mixed upper and lower case with numbers and common symbols: 83 days

Use different passwords for each site

Once someone has decided to pick a secure password to be used one of the first things that they will do is update all their accounts to use the same password. This way all they have to remember is their username (also re used across all accounts) and their password and they can get into any website!

The problem occurs when the gardening website that you subscribe to is hacked and all user names & passwords are stolen. The bad guys will then have your login information and they know that most people re-use the same user name and password on most websites…including banking.

The solution, although a tricky one, is to use a different password for each website that you can login to. When using secure passwords it can get very difficult very quickly to remember which password you used for each web site. There are 2 ways to solve this.

Create a password pattern

A password pattern makes it easy for you to remember secure passwords that are unique for each website. What you need to do is come up with a pattern that you can use when creating a password for a website and follow that pattern for each website. An example would be to combine the name of the website with a funky way of spelling your favorite color: paypal4uR4[3, which is for the pay pal site and a favorite color of purple.

Use password management software

For the last year or so I’ve been using software called LastPass. It is a great, highly secure way of having your unique passwords remembered and automatically entered for you. As their website boasts, the LastPass password is the last password you will have to remember again! It is free, easy, safe and most importantly it is secure. It is encrypted twice and only YOU can unlock the information. For a technical breakdown of how LastPass works please read the Security Now podcast transcript about LastPass on the GRC.com website.