Passphrases and Your User ID!! (Part 2)

-


Passphrases and Your User ID!!
In our last article we spoke of the “new thinking” of passphrases instead of passwords and we explained how difficult, if not impossible, it is for even a computer to guess your passphrase when it’s larger than 24 or 28 characters.
This short article wants to discuss “login credentials”.  Login credentials is defined as both your user-id and passphrase.  (There may be a 3rd credential, but that’s for another article.) You’ve heard the expression, it takes two to tango.  In other words, a passphrase and user-id must be correct and must be for one another before you are allowed access.
So, perhaps your user-id is more important than many had thought previously!   For those sites that allow you to pick your user-id and passphrase, think of each as a security key.
Now, what should one use as a user-id?  That’s really up to you, but you can make it easy to remember by using a combination of your nickname, street name, account purpose and/or favorite team name.  If at all possible, avoid using your email address because, well, A LOT of people and internet devices already know your email address and if so, they are halfway to getting total access to your account.
Another security hole most people overlook is that they routinely tell their web browser to “save or remember” their user-id (and sometimes their passphrase too).  This way you do not have to enter it thereby saving time.  However, now you have given away one or possibly both of your “credentials” and, if someone has access to your PC, you’ve made it easier to illegitimately enter your account.
To summarize, do you want convenience or cyber safety?  A little ingenuity and a little more typing will get you a lot more cyber safety.  After all, when it comes to cyber awareness on the internet, we can all use safety a little more today than yesterday.
 

The above views and comments are those of Allen Perk, CEO of XLN SYSTEMS.  XLN is a software and cyber security company in Columbus, OH.  Allen serves on the Ohio Attorney General’s Cyber Security Advisory Board and is Chair of the Central Ohio AAC for the National Federation of Independent Business.  Allen’s passion is to help business owners implement the Cyber Security practices vital for their unique size and industry. 

Comments

Post a Comment

Popular posts from this blog

-
Cybersecurity in 2021: What to expect in the coming year – Jim Schirtzinger, XLN SYSTEMS As any particular year comes to a close, it is typical to look back at everything that has happened. We celebrate the good, mourn the losses, and try to learn from mistakes. Most will agree that 2020 was an unusual year by any standard, highlighted by a major pandemic, lockdowns, civil unrest, and a controversial presidential election. Rather than dwell on all of the bad that came from 2020, it is time to look ahead to 2021 with anticipation and hope for a return to some form of normalcy. Unfortunately, no matter what improvements are made over 2020 (An effective virus vaccine? A calming of political tension? A robust economic recovery?), Cybersecurity will remain a constant and urgent need for everyone both commercially and privately. With that in mind, what new threats should we expect to face in the digital realm as we turn the page from 2020 to 2021? 2020 saw a huge increase in connected de
Read more

Smarter Cyber Security: Passwords Need to be Phased Out!

-
  Passwords simply aren't secure enough! Passwords are a major part of our lives, and we all have far more of them than we care to think about. They are the keys to our “electronic” locks.  The trouble is, our keys are so easy to copy or guess, we might as well not have the locks!  U nfortunately, there isn't any continuity regarding criteria for passwords from one site to the next. Many require an uppercase character or a lowercase character or must have a number or must have a special character AND cannot be a password you have chosen in the past 45 years! As a result of having so many sites where we need passwords, we try to make it easy for us to remember them.  However, if it’s easy for us to remember, it’s easy for the bad guys to guess.  Did you know that the most common passwords are:  Password, Password123, admin, welcome, letmein, QWERTY, QWERTY1234, 123456 and 123123? Not smart! The trick is to come up with a way that is easy to remember your password and make it har
Read more

RANSOMware: Protecting Your Small Business

-
As small business owners, we wear many hats in order to grow and protect our businesses.  In today’s Digital Age, we must wear one more; we are the Protector of our business from the threat of Cyber Intrusion, Data Theft, and Financial Embezzlement. But how can we protect our business when big businesses with deep pockets can barely protect themselves?  We read practically every week another well-known large corporation admit they were “hacked” and millions of customer records have become compromised.  Closer to home, we hear how thousands surrender to “digital pirates” via RANSOMware, where your PC and data are held at ransom by data encryption until you pay the bounty. Keep your head up!  There are things we can do to protect our businesses, and these proactive defenses won’t break the bank. First, EDUCATE yourself and your employees who have access to business computers.  Passwords should be at least fourteen characters long, never shared and never written down near the PC.  When re
Read more