Passphrases and Your User ID!! (Part 2)



Passphrases and Your User ID!!
In our last article we spoke of the “new thinking” of passphrases instead of passwords and we explained how difficult, if not impossible, it is for even a computer to guess your passphrase when it’s larger than 24 or 28 characters.
This short article wants to discuss “login credentials”.  Login credentials is defined as both your user-id and passphrase.  (There may be a 3rd credential, but that’s for another article.) You’ve heard the expression, it takes two to tango.  In other words, a passphrase and user-id must be correct and must be for one another before you are allowed access.
So, perhaps your user-id is more important than many had thought previously!   For those sites that allow you to pick your user-id and passphrase, think of each as a security key.
Now, what should one use as a user-id?  That’s really up to you, but you can make it easy to remember by using a combination of your nickname, street name, account purpose and/or favorite team name.  If at all possible, avoid using your email address because, well, A LOT of people and internet devices already know your email address and if so, they are halfway to getting total access to your account.
Another security hole most people overlook is that they routinely tell their web browser to “save or remember” their user-id (and sometimes their passphrase too).  This way you do not have to enter it thereby saving time.  However, now you have given away one or possibly both of your “credentials” and, if someone has access to your PC, you’ve made it easier to illegitimately enter your account.
To summarize, do you want convenience or cyber safety?  A little ingenuity and a little more typing will get you a lot more cyber safety.  After all, when it comes to cyber awareness on the internet, we can all use safety a little more today than yesterday.


 

The above views and comments are those of Allen Perk, CEO of XLN SYSTEMS.  XLN is a software and cyber security company in Columbus, OH.  Allen serves on the Ohio Attorney General’s Cyber Security Advisory Board and is Chair of the Central Ohio AAC for the National Federation of Independent Business.  Allen’s passion is to help business owners implement the Cyber Security practices vital for their unique size and industry. 

Comments

Popular posts from this blog

Smarter Cyber Security: Passwords Need to be Phased Out!

Recognizing a Phishing Email