What's in a Password?

With large scale data breaches occurring on almost a weekly basis, a strong password is necessary in order to avoid having your information leaked. The trouble is that it is often difficult to remember every password for every site we join, tempting  users to opt for convenience over security and hope that a data breach will never occur. 

 Just last month the websites LinkedIn and eHarmony - among many others- suffered data breaches that compromised the accounts of millions of users. These passwords were displayed across the internet and put in the hands of hackers and any would-be identity thieves.  While the passwords were not displayed with the corresponding email address or login handle, that does not mean that your account is safe from hackers. 

The types of criminals that are interested in gaining access to your webpage are experts in their field- they can easily figure out access points using electronic password dictionaries. That means that if you choose a weak password such as 12345, pword, abc123, or a pet's name, you are putting yourself at risk of identity theft.

Basically, the weaker the password, the easier it is to break in. 

The best way to protect your account in the (seemingly inevitable) event of a data breach occurring on your favourite website is to take measures into your own keyboard and use a secure and unique password.

When choosing a password there are two things to think about:

1)      Will I remember it?

And

2)      Is my password doing what it is intended to do (keep others out)?

Both are equally important and show just how much thought is needed to go into password creation.

When choosing your online passwords consider the following coding technique:

       

 1) Think of a phrase that that corresponds to a favourite hobby, vacation spot, or life event. For example: “ I Love the Vancouver Canucks!”

2)      Now take the first letter or letters from each word and turn it into a unique code using numbers, upper and lowercase letters. If the site will allow it, you should also use special characters such as: #@!$.

For example: I love the Vancouver Canucks to  'ILTVCAN!' and finally into '1LtVc4n!' where ‘A’ was turned into ‘4’ and so on.

3)      If you have a tendency to forget your passwords, you can often choose a security question that will give you a hint as to what your password is. In this example, if you set the security question as “What is my favourite sports team?” you would have a good reminder without compromising your security.

Finally, try to use a different coded password for each site you visit. Once your password is leaked from one site, it won’t take long for an identity thief to take advantage and gain access to your other accounts.

 

 "What's in a Password?" was written by Heather. Heather is a Case Manager/Advisor at the Canadian Identity Theft Association.  Follow her on twitter @CITSC1!