How Someone Can Crack Your Uncrackable Password

by David Lim

Fiona came up to me the other day and challenged me to crack the password to her AOL account. After a hacker managed to hack her account because her password was "password", she now had a super-duper password with completely random characters. She said that even if I were to use software that tries all the possible combinations of her password, it would take many years before her password could be broken.

I told her I was always game for a challenge. "Get me a cappuccino from the cafe downstairs. I'll find your password by the time you get back or dinner's on me."

Fiona was back in 15 minutes. She found me gleefully browsing the contents of her email account, and asking her why there were so many male names in her contact list.

"You did everything right," I said. "But, among all the names, phone numbers and appointments on your management calendar, I noticed a meaningless string of numbers and characters and guessed that it’s got to be a password to something. I tried it on your AOL account and it worked."

In other words, you can have the best password in the world, but if you are not careful about safeguarding it, an uncrackable password can be very easily cracked. The following highlights common ways that your uncrackable password can be cracked and what you can do to prevent it from happening.

Looking Over Your Shoulder

Whether at the office, in the mall or at the ATM, looking over your shoulder is an easy way for someone to learn your password. So, when you are entering the characters on the keyboard or numeric keypad, be aware of the people around you and make sure they don’t get a clear view of what you are entering.

And don't be too confident that nobody can remember all the characters of your 20-character password. Remember that we are in the 21st century, and smartphones with cameras are everywhere.

Don’t Write Down Your Password

Amazingly, this simple rule is broken all the time. There are actually cases of people writing their ATM password on the ATM card itself! They couldn’t have made it simpler for someone to steal their password if they had wanted to. There are also many cases of passwords written on Post-it notes and stuck onto the computer screen, hidden under the keyboard, kept in a drawer, or stored in a computer file named "passwords.txt".

But if You Have to Write it Down...

But having to remember all those passwords is a pain. So, if you really have to write down your password, keep it in a secure place, such as a safe. And don’t write down what the password is for. If you want to store it on a computer, at the very least make sure it is in a password-protected file. Don’t name the file "passwords.txt" or anything similar, and don’t use the word "password" in the file.

Giving Someone Your Password

There are times when you have to give your password to a third party to access your account. Perhaps you paid somebody to set up a script or install a piece of software and they need access to your web hosting account.

You can consider two options in this case. You can give them your actual password and change it after the job is done. Or you can change your password to a temporary one and give them that password to access your account. Just don’t forget to change your password back to your original password once the job is done.

Using Public Computers

If it is at all possible, do not use a public computer to log in to your accounts. The security risks of doing this are many and varied, and it is really difficult to tell what kind of risk you are exposing yourself to. If you really have to use a public computer, make sure you change your password as soon as possible after using it. And remember to log out before leaving the computer. If the website does not give you an option to log out, browsing to another website might not do the job. You must close the browser to ensure that you are logged out.

The "Keep me Logged in" Feature

For some websites, when you log in, you can select whether you want the site to keep you logged in. This means that you will not be logged out if you are inactive for a certain period of time. In some cases, it also means that the site will automatically log you in on your next and subsequent visits. This is a great feature, but you do have to be careful when using it on a computer that is shared with colleagues or family members.

David Lim is the webmaster of http://QuittingYourJob.com, a business resource for the entrepreneur looking to start, or grow an online home-based business.

This article may be reprinted freely, provided no changes are made, and provided the resource box above follows the article.