Security Protection – Harry Waldron MVP Rotating Header Image

Passwords – Lookout Security shares best practices

Informative mobile and website password techniques are shared:

https://blog.lookout.com/blog/2013/01/11/how-to-create-a-secure-password/

QUOTE: Here are a few tips we pulled together to help. Keep in mind, this alone won’t keep you secure — but its a step in the right direction. Specific to mobile phones: 1.Make sure your phone has a password-protected lock-screen. Password (alphanumeric) is the strongest on Android, but numeric PINs are better than nothing. 2.Say yes to two-step authentication if its offered. Many mobile banking websites or apps will send a code to your mobile phone that is then entered when you access the account or app. 3.Set your phone to automatically lock on sleep mode if it is idle for a few minutes. 4.Encrypt the data on your phone so that its protected from snooping when powered off. iOS devices automatically encrypt and Android users can configure it in “Settings.” 5.Turning off “Make passwords visible” is a good idea so that potential snoopers can’t easily read your password as you type it.

For Internet passwords (which are now often accessed on your phone): 1.As much as possible, the passwords that you use on the Internet should be different from all the other ones you use. Reusing passwords across multiple accounts creates a single point of failure. 2.Use different email addresses for different accounts. Have a separate “junk” email address for spam or free sites that that require login. 3.Don’t use dictionary terms unless you are stringing them together in some sort of unlikely phrase. JennaSurfsHamBoatsForChristmas > jenna123. (Neither of these are my passwords BTW). This XKCD comic offers a witty take on why this is the case. 4.The longer and more uncertain/uncommon the combination of letters, numbers and symbols, the more computational power needed to crack the password. Therefore, the most secure passwords are random but don’t have to be unmemorable. Thieves already account for simple letter / number substitutions, like using 3 instead of E, or $ instead of S. So P@$$w0rd is really just as safe as the normal way.

Comments are closed.