Password Security Tips for SMB

How many accounts do you have that require a password?

  • Your computer?
  • Your mobile?
  • Your iPad?
  • Online shopping?
  • Social media accounts?
  • Online banking?
  • Online payment of services such as power, phone?
  • Top-up mobile data plans?
  • Your own business systems such as CMS?
  • Even your router in your office would have a password for the admin panel!

Of those accounts how many are using the same password?

I hope none, but at a guess I would be very wrong.

At a guess I bet a lot of you are using the same password for every social media profile and possibly most of the online shopping accounts you have.

I would also guess that you would have a unique password for your online banking – right?

Most hackers know that people will use the same password for many accounts, and sometimes use the same password “structure”, changing only a few characters to come up with a password that is different but still roughly the same.

I am not going to waste your time and mine trying to convince you how easy it is to hack a person's entire online life when they use easy passwords. So, for those of you who have not placed security in the “too hard basket” because of laziness, below are some tips for creating stronger passwords and for storing them safely.

A “Top 5” is too much for most people these days so here is the golden rule for creating a strong password.

“Use letters, numbers and symbols. NEVER EVER reuse a password for another account.”

If you follow that rule you have just increased your security protection by x10000000….

Examples:

Beyond Stupid Password: “qwerty” or “123456”

Stupid Password: “passwor0d” or “mysecret”

Good Password: “C=3W",+2N3"e3bp”

To see how easy it is for a hacker to crack your password go to the site below and enter passwords that you consider safe – then see how long it will take a hacker to break it.

https://www-ssl.intel.com/content/www/us/en/forms/passwordwin.html (try adding in “passw0rd” for a laugh)

How to easily create a very strong password

Use an online password generator like this one: http://strongpasswordgenerator.com. Leave the defaults and just click the “Generate Strong Password” button.

Now generate a password from that site and go back to https://www-ssl.intel.com/content/www/us/en/forms/passwordwin.html and enter that password in and see how long it will take to crack it.
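As an added example (not part of the original article), the Python below generates a password that follows the golden rule using the operating system's random source, and audits a set of passwords for exact reuse and for the "same structure, a few characters changed" habit described earlier. The account names, sample passwords, 12-character minimum and 0.7 similarity threshold are constructed assumptions.

```python
import secrets
import string
from difflib import SequenceMatcher

SYMBOLS = "!@#$%^&*()-_=+[]{};:,.?"
ALPHABET = string.ascii_letters + string.digits + SYMBOLS

def follows_golden_rule(pw):
    """True if pw mixes letters, numbers and symbols."""
    return (any(c.isalpha() for c in pw) and any(c.isdigit() for c in pw)
            and any(not c.isalnum() for c in pw))

def generate_password(length=16):
    """Draw from the OS CSPRNG until all three character classes are present."""
    if length < 12:  # assumed minimum, not a figure from the article
        raise ValueError("use at least 12 characters")
    while True:
        pw = "".join(secrets.choice(ALPHABET) for _ in range(length))
        if follows_golden_rule(pw):
            return pw

def audit(accounts, threshold=0.7):
    """Flag weak passwords, exact reuse, and near-duplicates across accounts."""
    findings = []
    names = sorted(accounts)
    findings += [("weak", n) for n in names if not follows_golden_rule(accounts[n])]
    for i, a in enumerate(names):
        for b in names[i + 1:]:
            pa, pb = accounts[a].lower(), accounts[b].lower()
            if accounts[a] == accounts[b]:
                findings.append(("reused", a, b))
            # ratio() is 1.0 for identical strings, near 0 for unrelated ones
            elif SequenceMatcher(None, pa, pb).ratio() >= threshold:
                findings.append(("similar", a, b))
    return findings

# Constructed sample data, not real credentials.
SAMPLE = {
    "bank": "Summer2013!",
    "shop": "Summer2014!",
    "social": "qwerty",
    "router": "qwerty",
}

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(finding)
    print("fresh password:", generate_password())
```

The "similar" finding on the bank and shop entries shows why changing one character of an old password counts as reuse: the two strings are about 91% identical.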

But I cannot remember this password!

Very true – who could remember something like this?

C=3W",+2N3"e3bp

So what you need to use is a Password Manager. This is a handy tool to store your strong passwords within a safe environment so you don’t have to remember them.

Now, if you are using a Mac, there is a built-in password manager called “Keychain”. Here is a tutorial on the application, but at a guess you are already using it without knowing it, as it's seamlessly built into the Mac: http://mac.tutsplus.com/tutorials/security/unlock-the-power-of-your-macs-keychain-utility/

For Windows users I would look at using KeePass which is free and open source.

“KeePass is an easy-to-use, powerful tool that helps you store and manage all your passwords in a highly secure database. You can put both that database and the KeePass program on a USB memory stick and carry it with you. The database is protected by a ‘master password’ that you create. This password is also used to encrypt the entire contents of the database. You can store your existing passwords in KeePass or have it generate one for you. KeePass doesn’t require any prior configuration or specific installation instructions. It’s ready to go when you are!”

Here is a really good tutorial on installing it.
https://securityinabox.org/en/using_keepass

Footnote: If you are following the Snowden/NSA affair, I like KeePass because it's open source, not a closed system, so people can review the code for backdoors etc., and also it does not use the cloud to store your passwords so the NSA can have a look. How stupid to store your passwords in the cloud??

This is a good review: http://www.pcworld.com/article/2026547/review-keepass-makes-strong-passwords-and-keeps-them-safe.html