Change Your Passwords! - Affordable Technical Solutions

 

All on line accounts (including email) have passwords. If you have not changed them recently, you are at greater risk of being ‘hacked.’

Most security experts advise changing passwords every 90 days. Until recently this seemed like overkill, but the situation I described in my last column illustrates why changing passwords frequently is important.

I assisted two customers who had their Frontier email accounts hacked. They probably had not changed their passwords in a very long time.

Frontier has used Yahoo as their email provider for several years. If you have a Yahoo email account, you probably recently received notification of a pending class action settlement “relating to data breaches occurring in 2013 through 2016.”

In 2013, malicious actors gained access to all existing Yahoo accounts (approximately three billion worldwide). In 2014, approximately 500 million, and in 2015 and 2016, approximately 32 million. So this illustrates how important it is to change your passwords frequently.

Using a complex password is also important. I see way too many people using simple words or easily guessed combinations of information such as telephone numbers, street addresses, or names of children.

A complex password should be at least 8 characters long and include a mix of uppercase and lower case letters, numbers, and symbols such as @./|$*&-_. It should not should be a just a sequence of numbers or contain any words found in a dictionary.

So something like “password1” is really bad. To create a complex password you can replace letters with symbols or numbers that are similar, for example “p@$$W0rd1.”

Another way is to come up with a sequence of words that makes sense to you, then use the first letter of each word. For example “Excellent advice for you from Peter Newell Affordable Technical Solutions” becomes “EafyfPNATS.” That is a fairly random sequence, but to obfuscate it even further, substitute numbers and symbols: “ea4yfPN@T$.”

Remembering clever complex passwords like this might not be so hard if you didn’t also have to change them often.
The problem is compounded because you absolutely should not use the same or similar password for different accounts, and when you change passwords the new ones should not just be variations of the old ones.

The natural response is to write them down. Experts warn against it but there is just no way most people will remember a large number of passwords that change frequently. If you do write them down on paper, you shouldn’t keep the paper near your computer.

Another way is to keep them in a file on the computer. However, if anyone gets access to your computer, they have all your account information. A simple way to solve this problem is to put the information in to a passworded file. This can be easily done using a spreadsheet program such as Excel or LibreOffice Calc.

Password Managers are another solution. All you need to know is the master password. This is a topic for a future column.

If you have not changed your passwords recently or are not using complex passwords, I advise you to change them as soon as possible. For assistance with all things technical, you can contact me at 315-376-8879, solutions at atspn.com, facebook.com/AffordableTechnicalSolutions.

Original newspaper column published September 2019