All of my passwords start w ith the same lengthy

Info icon This preview shows pages 3–4. Sign up to view the full content.

View Full Document Right Arrow Icon
All of my passwords start w ith the same lengthy prefix, such as a childhood telephone num ber, for exam ple, 9126364242 (this is not the actual prefix I use). Next, my passwords all include the nam e of the account, such as Delta, Am azon, or AICPA. Finally, each of my passwords ends w ith a four-digit personal identification num ber (PIN).The results are strong lengthy passwords th at I have a good chance of rem em bering, such as the examples shown below (which are not my actual passwords): Delta account password: 9126364242d elta7543 Am azon account password: 9126364242am azo n 9312 AICPA account password: 9126364242aicpa2209 Using this approach, the bold PINs are all I need to rem em ber, and because hackers don't know the actual lengthy prefix I use, these passwords are very strong. W ith 263 active passwords on my list, this structured approach gives m e a fighting chance of rem em bering m any of them . Because uppercase and special characters are m ore difficult characters to type (especially on a sm artphone device), I avoid these types of characters unless they are required. are also a concern. SlashData’s annual “Worst Passwords” report, which is compiled from millions of leaked passwords, has found that since 2011 the most frequently used passwords are “123456” and “password.” And not only do people use simple, weak passwords, but they also often use the same one for everything, further magnifying the risk A breach exposing passwords on a social networking site might seem unrelated to your business. But what if an em- ployee’s password was exposed in the breach and his or her place of employment or bank was identified on a profile page? The compromised password could be used to attempt to log in to other systems (see the sidebar, “An Approach to Strong Passwords”). The impact of weak and repeated passwords is magnified now that so many cloud systems are in use, because the bad guys no longer have to be inside the network to use discovered passwords. Add in what is now standard remote access to systems by vendors, and the problem again grows larger. Several major breaches have involved compromised ven- dor credentials. As hard as it is to believe, Sony actually had a folder called “Password” on its breached network. It’s hard to imagine how this could happen in an organization so large, but during our IT security audit work, we routinely see not only passwords writ- ten down in all kinds of places, but also unsecured password documents stored on employee computers and mobile devices. Don’t do this. If you are overwhelmed by the number of passwords you need and just can’t remember them all, you might want to consider using a password manager that securely stores your passwords for vari- ous sites. W ith this approach, you need to remember only the strong password you create to access the password manager. You can find dozens of password managers with an online search. I recommend device-based managers as opposed to cloud-based ones, provided you have device security protections in place. I also lean toward the paid managers, though
Image of page 3

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full Document Right Arrow Icon
Image of page 4
This is the end of the preview. Sign up to access the rest of the document.

{[ snackBarMessage ]}

What students are saying

  • Left Quote Icon

    As a current student on this bumpy collegiate pathway, I stumbled upon Course Hero, where I can find study resources for nearly all my courses, get online help from tutors 24/7, and even share my old projects, papers, and lecture notes with other students.

    Student Picture

    Kiran Temple University Fox School of Business ‘17, Course Hero Intern

  • Left Quote Icon

    I cannot even describe how much Course Hero helped me this summer. It’s truly become something I can always rely on and help me. In the end, I was not only able to survive summer classes, but I was able to thrive thanks to Course Hero.

    Student Picture

    Dana University of Pennsylvania ‘17, Course Hero Intern

  • Left Quote Icon

    The ability to access any university’s resources through Course Hero proved invaluable in my case. I was behind on Tulane coursework and actually used UCLA’s materials to help me move forward and get everything together on time.

    Student Picture

    Jill Tulane University ‘16, Course Hero Intern