Tips On Good Secure PINs and Passwords

The need to easily recall a PIN or a password tempts us to choose something familiar that we can easily recall. It also tempts us to choose universal PINs and passwords that we can use the same ones for many purposes without having to remember more than one set. These are dangerous shortcuts that can often be easily broken by an intelligent identity thief.

A password based on the user's real name or log in user name should be avoided. Any password that is based on information that can easily be suggested by a little research into who you are should also be avoided: a partner's name, children's names, brand of car you drive, your telephone number or car license plate, the street you live in, your father's name, your birthday, and so on.

A popular way among identity thieves who are trying break a password is a dictionary attack. It simply involves trying a large number of words from the dictionary, in any language, in the hope that a normal word has been used. Similarly, words in reverse, common misspellings, or simple look alike substitutions (e.g. "1" for "i") are easily picked up.

A similar approach with attempts to break PINs is to start with easily remembered combinations, such as numbers in sequence, duplicated numbers or numbers representing years or birthdays.

A popular solution is to think of an easily remembered sentence, then to make up a password out of the first letters of the sentence. In this way, Lincoln's "A house divided against it self cannot stand" becomes the password "ahdaics".

Adding complexity to this password could be achieved with some upper case level letters, and including an "L" for Lincoln. By then adding the year Lincoln gave this speech we get: "AhdaicsL1858". It looks complex, but it's not too hard to remember the quote, the speaker and the year.

Most passwords are case sensitive, so using upper case significantly multiplies the difficulty of cracking this password. Some systems also allow the use of symbols in passwords, so we could add an easily remembered explanation mark and a number hash to make the password "Ahdaics!L#1858", which makes it quite a strong password.

This change has also added length to the password, which greatly compounds the difficulties for a would-be password cracker. There should be at least 8 characters, and ideally 14 or more as in this example.

You are usually more limited in your choices with a PIN, typically to 4 numbers. You should avoid repetition and choose random numbers, or a very obscure combination you can still easily remember, such as your boss's office phone extension two jobs ago in a company that has since closed down! Certainly avoid obvious combinations, such as parts of your telephone number or car license plate number, or the year you were born: these are areas where a thief with your card is likely to start looking and testing.

To keep your passwords secure you should:

1. Use separate passwords in each use, not shared or common passwords
2. Keep your passwords very secure, and shared only on a "need to know" basis.
3. Change your passwords every few months
4. Never use your passwords on a shared computer where key stroke logging software could possibly be installed (e.g. at a cyber cafe or public library)
5. Never give your password to anyone pretending to be someone in authority: banks, for example, will never request your password or PIN.

http://hubpages.com

9 Tips to Keep Spyware Off Your Computer

Image via Wikipedia

You’ve got a brand new computer. You set it up with visions of high-speed downloads and fast computing. However, before too long, you notice that performance on your shiny new computer is beginning to lag. Spyware could be the culprit.

Spyware and adware are programs that are installed on your computer (often without your knowledge) that send information to advertisers or return advertising to you. Spyware can slow your computer until it is almost unusable and only reformatting the drive can get things going again.

Here are some tips to protect yourself from spyware:

1. Read User Agreements Before Clicking Yes – Legitimate companies will have user agreements that indicate what other software will be installed if you agree.
2. Be Careful of Advertising That Looks Like Windows Warnings – Some advertisements are disguised to look like Windows warning dialog boxes. Clicking the box will install spyware on your computer.
3. Pay Attention to legitimate Windows Warnings – If you have installed and configured security software, you will get warnings of attempts to install spyware or adware.
4. Install Spyware and Adware Scanning Software – Ad-Aware and Spybot Search & Destroy are free programs that will scan for spyware/adware on your computer.
5. Be Careful with Your Web Browsing –Websites with adult content are more likely to install spyware, without warning.
6. Keep Your Version of Windows Updated – The programmers who develop spyware often look to exploit security flaws in MS Windows. As these flaws become known, Microsoft will update the OS to fix the security hole. Keeping your version of Windows up-to-date will ensure that you have the latest protection available.
7. Be Careful When Installing Shareware and Freeware – Be careful of where you download freeware and shareware. Popular and established software sites will generally scan the download files to ensure they are spyware free.
8. Install a Firewall – Installing a firewall adds another layer of protection from unwanted intruders and spyware programs.
9. Improve Your Security Settings – There are many ways to increase the security for operating systems and browsers. Take the time to learn how security works and make the necessary adjustment to your settings.

Following these tips will help to protect you from spyware.

http://www.ismckenzie.com

Tips for Choosing a Good Password

Nowadays everyone in the family has their own password for something, whether it's your Tween's email address, your own secret blog or Grandma's online pension access. If you don't want others checking/reading up on you, you'll want to make sure you have a very good password to keep them out of your business. Same goes for your computer at work. Strangely, a lot of people use their own names or birthdays as their passwords -- not a good idea, it's far too easy for people to guess these things. No, you want something you can remember, but something that can't be spotted from a mile away, either. The following tips will help you choose a good password that ensures your privacy.

Replace letters with numbers.

Want to use your kid's name as your password? This wouldn't be a very good idea normally, but if you add some numbers into the word itself, it could be very strong indeed. For example, let's use the name Benjamin. If you wanted to replace some of the letters you could change it to b3njam1n. You could do any variation, of course, using as many as you like. And it doesn't have to be only vowels (though they do seem to the be the easiest). If we use the name Shelly we can change that to She77y and you would still have an easy enough time remembering it.

Your birthday -- in another language.

I know I just mentioned how bad an idea using a birthday is, but if you do it in a foreign language it's an entirely different situation. If your computer keyboard only supports one language, you'll want to make sure you choose something that won't require having to seek out funky letters each time you log into something. Is your birthday January 1? Try it in Portuguese! Janeiro1 is difficult to guess unless you live in Portugal. Jan3ir01 would be that much more difficult!

Use your own name - in another language.

If you really can't think of anything and you really want to use your own name, you could try something similar to the first suggestion and translate your name into a foreign language. For example, the name Charlotte could be changed to a Slavic version like Sarlota. And if you really wanted to make it strong, you could change it further to Sarl0ta.

If possible, add extra symbols.

Not all programs will allow you to insert less common symbols, but if they do it's a good idea to use them. Are you totally in love with Hugh Laurie, like I am? HughLaurie is a pretty decent password if no one knows you're crushing on him, but @Hugh+Laur1e@ is an even better one.

Use 8 characters or more.

Your password should not be shorter than 8 characters unless you're using some kind of character set that isn't likely to be recognized by hackers. If you live in Montana, odds are slim that someone's going to guess your password is the word Sushi, if it's written in Japanese characters. That would probably be ok. Unless, of course, you live in Tokyo, in which case your password would be pretty weak! If you can't think of a word that has more than 8 letters, add a few numbers in there or make it a compound word. Many websites require this nowadays anyway.

Use An Acronym

If you play the piano and read sheet music, you'll remember hearing your piano teacher telling you Every Good Boy Does Fine or Every Good Boy Deserves Fudge. That acronym would make a good password if you changed it to E.G.B.D.F

Extra Tips:

• Change your password every month or two.

• Don't use the same password for everything. Always have unique passwords for the big things, like your banking site, PayPal, and any site that has your credit card information stored and ready for shopping.

• Don't save your passwords on shared computers -- it's very easy to back into free accounts like Hotmail and Yahoo.

• Don't choose a password you won't be able to remember!

• Don't write them down and store them in your desk.

• If you do write them down, store them in your wallet or something which is usually on your person.

• Don't email your passwords to your friends or family who might need access for some reason. Tell it to them over the phone.

http://hubpages.com