The word “password” is really a little misleading. It makes a person think they must come up with some word or group of words to use as a password. That might be true for the old game show of the same name, “Password”, that was popular in the 1960’s, 70’s and 80’s. But using any word as your password in today’s world of hackers and phishing exploits is just not a good idea, unless you enjoy being hacked.
If you’re the owner of a web site (or have any kind of login on the internet), it’s the responsibility of all of us to make sure our sites are secure. If you are using some script (web-based software like WordPress, Joomla!, forum software, etc.), always keep your software updated to the latest version, or you’re opening the door to a hack or worse that will not only affect your web site and the data in it, but could possibly affect your neighbors that share the same web server as you. And that is just not neighborly.
Besides an outdated piece of web-based software, one of the easiest ways to get your web site, and the server it resides on, hacked is to use a simple word or set of words as your password, because these are easy to guess. And if you want to make a hacker’s day, just use these common passwords:
- Swear words
- Your spouse’s name, or names of friends or your pet’s name (sometimes followed by a single digit like 1 or 2 or 0)
- License plate numbers
- 12345678 (or any string of numbers like this)
- Date of birth – like yours, your spouse’s, kids’ or parents’
- Favorite sports team, the school you went to, or the city you live in
- Or, worst of all, using the word “password” as your password.
Keep in mind that hackers use programs that try most of the above passwords as well as many other simple variations. They also use what is called a dictionary attack, sometimes combined with a brute force attack. And if you are using any of the previous ways to generate your passwords, you are on borrowed time (and you will not like the results).
I fully understand that you want to use a password that is easy to use, and so does that hacker waiting to hack your site. So what do you do? Simple: make sure to use at least 10 characters (8 characters at the very minimum, but the more the better). On the majority of web sites passwords are case sensitive, meaning upper case and lower case letters are considered different characters. Use special characters on your keyboard like % & @ ~ ! > < )* ^ etc., and of course numbers. Mix it up and come up with a string that you can remember but that is tough for the hacker. Here would be a random example of a secure password using 10 characters: ^g76E~(ix#
(now DON’T use that password for real)
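As an added example (not part of the original article), here is a small Python checker that flags the weak patterns listed above and generates a random 10-character password from the same four character classes. The `COMMON` sample list, the `personal` parameter and the function names are assumptions made for illustration.

```python
import re
import secrets
import string

# Special characters from the article's list and its sample password.
SPECIALS = "%&@~!><)*^(#"
COMMON = {"password", "letmein", "qwerty"}  # constructed sample; real lists are far larger


def weaknesses(pw, personal=()):
    """Return the reasons a password matches the weak patterns listed above."""
    found = []
    if len(pw) < 8:
        found.append("shorter than 8 characters")
    elif len(pw) < 10:
        found.append("shorter than the recommended 10 characters")
    if pw.isdigit():
        found.append("digits only")
    # Strip trailing digits so "rex1" is treated like "rex".
    core = re.sub(r"\d+$", "", pw.lower())
    if core in COMMON or "password" in pw.lower():
        found.append("common word")
    if core and core in {p.lower() for p in personal}:
        found.append("personal detail plus optional digits")
    if re.fullmatch(r"\d{1,2}[/.-]?\d{1,2}[/.-]?(\d{2}|\d{4})", pw):
        found.append("looks like a date")
    classes = [string.ascii_lowercase, string.ascii_uppercase, string.digits, SPECIALS]
    missing = sum(1 for c in classes if not any(ch in c for ch in pw))
    if missing:
        found.append(f"missing {missing} of 4 character classes")
    return found


def generate(length=10):
    """Draw random passwords from the OS CSPRNG until one has no weaknesses."""
    if length < 10:
        raise ValueError("use at least 10 characters")
    alphabet = string.ascii_letters + string.digits + SPECIALS
    while True:
        pw = "".join(secrets.choice(alphabet) for _ in range(length))
        if not weaknesses(pw):
            return pw


if __name__ == "__main__":
    for sample in ["password", "Rex1", "12345678", "07/04/1985", generate()]:
        print(repr(sample), weaknesses(sample, personal=["Rex", "Chicago"]))
```

Pass the names, teams and cities that apply to you in `personal` so the check covers the guesses someone who knows you would try first.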
The easiest way to remember your password is to practice typing it in when you log in instead of using your web browser’s ability to remember it. Also make sure you have good anti-virus software on your computer to prevent any sniffing of your keyboard. Never click on any emails asking you to log in to a site that looks legitimate; if you know the site, type the web address into the web browser’s address window.
As you see, the word “password” is really misleading in today’s internet world. We need to rename password to something more appropriate, like passphrase or passcode. If everyone does their part it will make the internet a more secure place. And especially if you own an ecommerce site, you need to have a plan in place not only to have secure passwords but also to change your passwords on a frequent basis. Well, that would be good advice for all of us.
Here is a PDF file you can download as a tool to create a Secure Password: Strong Password Formula