
The president wants YOU to improve your password

Being a good steward of your online data and accounts might be annoying, but you have to do it!


Actually, he wants you to go BEYOND the password even. He really does. In a Wall Street Journal op-ed last month, President Obama says he wants to:

“encourage more Americans to move beyond passwords — adding an extra layer of security like a fingerprint or codes sent to your cellphone.”

And it’s great advice. Here’s why there’s so much talk about adding more layers of security. Your passwords are bad. Most likely.

You. Need. To. Change. Them.

Especially if you’re using any of these:

1. 123456
2. password
3. 12345678
4. qwerty
5. 12345
6. 123456789
7. football
8. 1234
9. 1234567
10. baseball
11. welcome
12. 1234567890
13. abc123
14. 111111
15. 1qaz2wsx
16. dragon
17. master
18. monkey
19. letmein
20. login
21. princess
22. qwertyuiop
23. solo
24. passw0rd
25. starwars

And before you give yourself a pat on the back for NOT using any of those: what about that one, super-great password you have that you are using EVERYWHERE? You can’t do this either. Even though I did this. I don’t anymore. My Gmail, Netflix, PayPal and Amazon account passwords were the same one. I believe that password was used to access the Wi-Fi in my house as well. I understand the pain of remembering and entering different passwords every time. Luckily, there are services that make passwords more secure and simpler for us to use.

At Paragon, we use LastPass. This is a service that generates and stores diabolical passwords for you. All you need to remember is ONE master password to your vault. Once you’re signed in, LastPass does a great job of filling in and signing you into your accounts. It has some limitations – have 10 Gmail accounts? Yeah. That is going to confound it a little. Turn off the autofill on these, and it will filter to the top three you use.

Also, LastPass is by no means the only option. PC Mag put out a list of the best password managers for 2016.

PC Mag’s best password managers

Coming up with better passwords

If you DON’T want to sign up for a password service, here are some tips on better passwords.

  1. No dictionary words
  2. Minimum of 8 letters
  3. Try coming up with a memorable phrase, and then using the first letters of each word. So: “I started 7th grade at Lincoln Middle School in 2004” turns into “Is7gaLMSi#2004”
  4. Don’t write it on a sticky and put it on your monitor. Or bulletin board.
  5. Change early, change often.
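
The checks in tips 1 and 2, plus a lookup against the 25 passwords listed earlier, written out as an added example (not code from the original post). It goes one step beyond the tips by undoing common character swaps before comparing, since "passw0rd" is itself on the list; `SAMPLE_WORDS` is a constructed stand-in for a real dictionary file, and all function names are illustrative.

```python
# The 25 passwords listed on this page.
COMMON = set("""123456 password 12345678 qwerty 12345 123456789 football 1234
1234567 baseball welcome 1234567890 abc123 111111 1qaz2wsx dragon master monkey
letmein login princess qwertyuiop solo passw0rd starwars""".split())

# Constructed stand-in for a real dictionary file (assumption).
SAMPLE_WORDS = {"football", "dragon", "monkey", "princess", "welcome",
                "summer", "coffee"}

# Undo common character swaps so "P@ssw0rd" is compared as "password".
LEET = str.maketrans("013457@$", "oleastas")


def normalize(pw):
    """Lower-case the password and reverse simple digit/symbol substitutions."""
    return pw.lower().translate(LEET)


NORMALIZED_COMMON = {normalize(p) for p in COMMON}


def screen(pw, words=SAMPLE_WORDS):
    """Return the list of reasons to reject pw (an empty list means it passes)."""
    folded = normalize(pw)
    problems = []
    if len(pw) < 8:
        problems.append("shorter than 8 characters")
    if pw.lower() in COMMON or folded in NORMALIZED_COMMON:
        problems.append("on the common-password list")
    for word in sorted(words):
        # Very short words match too easily inside random strings; skip them.
        if len(word) >= 4 and word in folded:
            problems.append("contains dictionary word: " + word)
    return problems


if __name__ == "__main__":
    # Constructed candidates; the first is the phrase-based example from tip 3.
    for candidate in ["Is7gaLMSi#2004", "P@ssw0rd", "1234", "Dr4g0n2016!"]:
        print(candidate, "->", screen(candidate) or "ok")
```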

Enable two-factor authentication

Now, wherever possible, enable Google’s two-step authentication. This is something we do at Paragon too. It means you’ll need access to your phone to log in to any account that supports it. You can download the app from the App Store or Google Play.

It’s becoming more and more popular, and more online accounts are offering it. You can enable two-step authentication for access to LastPass, WordPress and Dropbox. Follow Matt Cutts’s advice: turn on two-factor authentication everywhere you can.

Will we see the demise of the password altogether?

Passwords have long been the bane of, well, everyone. They’re either too easy to guess if they’re bad, or too hard to remember if they’re good. So what’s the logical evolution here?

  1. Biometrics – fingerprints, iris scans, facial scans and even voice recognition
  2. Out-of-band authentication – this is a type of two-factor authentication that requires a secondary verification method through a separate communication channel along with the typical ID and password.
  3. Quantum Cryptology – uses physics instead of math to encode and decode information, creating keys that are nearly impossible to crack, since they’re based on tiny packets of light instead of math. Ooooh, science!

Future vulnerabilities?

  1. The Internet of Things – As the Internet of Things (IoT) becomes part of everyday life, there is a danger that people won’t understand the new risks that come with doing the things they have always done, now that everyday objects that were never digital are connected to the internet.
  2. Privacy – The more information you have online, the less privacy you have. There are measures you can take to keep certain things private. Unfortunately, most people don’t know how. The internet moves and grows too fast for the people who use it.
  3. Mobile Devices – Our phones are tiny computers. Most people still see them as just cell phones. They are much more than that and need the same amount of protection you give your laptop. What you browse can infect your phone just as easily.

So. I know. The news is not great. Your passwords are bad, and the bad guys are getting better at getting past them. But this is our new reality. With hyper connectivity comes, well, hyper availability of your stuff. Make password health part of your routine. It’s just as important as getting out there and exercising or eating well.

Gregory Yanez

With a degree in interactive media and computer science, Greg’s a technological wizard who does more than get his ratio of salsa to guacamole right…he knows how to build a gorgeous website with a CMS so clean it’ll bring tears to your eyes.
