Passwords are one of the biggest headaches for any organisation. And home users are probably even worse – at least companies usually force their users to change passwords every 30 or 40 days. When was the last time you changed a password at home? Last week, last year or never?
With more people making use of WiFi and multiple computers, many users now have routers. These generally provide an extra layer of security, such as a built-in firewall, but the default name and password used to access the router are often left unchanged, and this can be a serious mistake. The default settings are usually things like ‘admin’ and ‘password’ and can be easily guessed. In addition, the most common default settings for the major brand routers can often be found posted on the web.
Using a strong password is vital – many users do not think carefully when creating a password, and still use words that are easy to guess.
The password “password1” is apparently still extremely popular, as is “12345”. Why? It’s like locking your front door and leaving the keys outside – it’s an invitation for disaster.
A survey by security firm Symantec discovered that nearly 25% of users rely on their browser to remember passwords.
It is highly likely that hardly any of those users will change their passwords on a regular basis. Users also re-use the same password or use easy-to-remember passwords. Browser vulnerabilities are discovered on a regular basis, so it’s important to keep your browser up to date.
For example, suppose you fall victim to a phishing attack. If you have passwords stored in your browser then they are likely to have been compromised. And, if you insist on using the same password for all your log-ins then you could be in trouble. How can you prevent this happening?
There are some simple steps you can take to help reduce this risk.
- Ensure you are running the most up-to-date version of your chosen browser. Most modern browsers contain various security measures that will often prevent you going to a known bad site or a spoofed site.
- Change your passwords regularly. This may seem an obvious step but so many users have the same password for multiple sites/purposes – this is extremely bad security. Passwords should contain a variety of upper and lower case letters, along with numbers and special characters, such as a question mark or exclamation mark. For advice on creating strong passwords see this guide.
- Use a third-party password manager. These often use high levels of encryption and security and they can also create complex passwords for you – so you only need to remember one password. There are a variety of free applications available, such as KeePass, RoboForm, LastPass and MyPadlock, although some of them only allow a small number of passwords to be saved; to save more than this number it is necessary to purchase the full version.
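The password advice above can be expressed as a short check and generator. This is an added example, not part of the original article: the 12-character minimum, the exact set of special characters and the function names are assumptions, and the weak values are the ones the article names.

```python
import secrets
import string

# Weak values named in the article (router defaults and popular choices).
KNOWN_WEAK = {"admin", "password", "password1", "12345"}
SPECIAL = "?!@#$%^&*-_=+"  # constructed set; the article names ? and !
CLASSES = {
    "upper case letter": string.ascii_uppercase,
    "lower case letter": string.ascii_lowercase,
    "number": string.digits,
    "special character": SPECIAL,
}
MIN_LENGTH = 12  # assumption: the article gives no minimum length


def audit(password, already_used=()):
    """Return a list of problems; an empty list means the password passes."""
    problems = []
    if password.lower() in KNOWN_WEAK:
        problems.append("well-known default or popular password")
    if password in already_used:
        problems.append("already used for another login")
    if len(password) < MIN_LENGTH:
        problems.append(f"shorter than {MIN_LENGTH} characters")
    for name, chars in CLASSES.items():
        if not any(c in chars for c in password):
            problems.append(f"no {name}")
    return problems


def generate(length=16):
    """Generate a random password containing every character class."""
    if length < MIN_LENGTH:
        raise ValueError("length too short")
    alphabet = "".join(CLASSES.values())
    while True:
        # secrets draws from the OS CSPRNG; the random module is not suitable.
        candidate = "".join(secrets.choice(alphabet) for _ in range(length))
        if not audit(candidate):  # retry until every class is present
            return candidate


if __name__ == "__main__":
    for pw in ("password1", "12345", generate()):
        print(repr(pw), audit(pw) or "OK")
```

Generating candidates and discarding those that fail the audit keeps every compliant password equally likely, which forcing one character of each class into fixed positions would not.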
Many users with Smartphones now use the Password Managers above and these can sync the passwords on your PC with your phone. Whilst your PC may be secure, it is all too easy to lose your phone or have it stolen. To make sure your passwords cannot be accessed, the Password Manager should have a secure master password of its own and your phone and SIM card should also be protected against unauthorised access.
You can also clear stored passwords from your browser at any time. It is usually as simple as checking a box. These guides show you how it works:
- Clear passwords - Internet Explorer
- Clear passwords - Firefox
- Clear passwords - Chrome
- Clear passwords - Opera
Like many things security related, passwords are all about using common sense and thinking before acting.
- Don’t keep using the same password
- Don’t use your browser to remember your passwords
- Don’t write down any passwords
- Don’t store passwords in a Word or text file
- Don’t be lazy and use easy to guess passwords
A little thought could save you a great deal of distress and trouble.
© 2012 TnThelpforum.com
Statistics: Posted by Glaswegian — 21 Mar 2012 23:02