Password Security


Hello all, Christina here! In today’s news, I would like to share a story that is actually slightly embarassing for me. Now, why would I tell you something embarassing about me? Well, because I learned a lot from the experience I had and am really hoping that you will, too.

So, here goes! One of the first conversations that Jeff and I had when we started talking about putting homecybersifu.com together was about password safety and how necessary it is to cook up a password hotter than a flaming OPA! at your favorite Greek restaurant. Yep, and this convo started all because when Jeff went to set up my admin account for HCS, he noticed right away that the password I selected was the weakest of all sauces. In fact, upon his inquisition, I admitted that I might just be one of those people who uses the same couple of passwords for all of my accounts. And I mean ALL. Well, except my DOS account-it’s the only account that forces me to come up with an obnoxious 9 digit bla blah blah obnoxiosly hard password that I ended writing down in a notebook because I kept forgetting it…eek!…and we’ll get to that taboo move later on in this post. Ay, ay, ay! So, anyway, after admitting my password sins, I looked at Jeff with my big brown eyes and asked “is that a no-no?” Um, come to find out, yeah…it definitely is. So, with that bit of history told, being the good guy that he is, Jeff gave me some amazing pointers on password development and management, and I would love to impart that information to you.

Ya’ll ready? Then let’s go!

If you go to our good friend, Google and look up something to the effect of “how to develop passwords and remember them,” many pages will generate with tons of recommendations. A lot of them have some really useful information. Oppositely, a lot of them are pretty darn two-bit. That stated, Jeff and I went ahead and posted links on our Cybersifu Pinterest board with the better websites that we have run across, so feel free to check them out if you feel as though you’re hitting walls when it comes to finding valuable and useful information; we got your back, ya’ know ;).

All right, so let’s get down to these pointers. Truth be told, it breaks my heart to know that, even though there is so much knowledge provided about the risks involved in opting for weak passwords, a lot of people still do it anyway. :::sigh::: However, it delights me to know that there are still a good number of people who take cybersecurity seriously. In fact, if I had to guess, I would say you’re pretty serious about keeping your accounts safe which is probably why you’re reading this now. Congrats! That said, here are the great tips and tricks I promised that Jeff taught me about concocting passwords that are more discerning. Oh, and not easily forgotten!

  • Strong passwords are typically achieved by using two upper case letters, two lower case letters, two symbols, and two numbers, for a total of eight characters. For social media and email sites, this is a great start. However, for financial and personal data purposes, a 12 character minimum is highly recommended.
  • If you decide to pull an old-school Christina and re-use a password for multiple accounts (even after being told that it’s the worst idea ever), at the very least, please make sure that the passwords for your financial sites differ from the passswords for your email accounts, and then make sure that your financial passwords and email passwords differ from your various other online site passwords that you use (like social media and what not).
  • At the risk of sounding repetitive, when it comes to creating the passwords for your financial related sites (to include anything like a bank account, credit account, investment account, IRS account,etc.), please, please, please be wise and use the tools outlined in the articles we provide so that you can develop acount specific passwords that are difficult enough that they are able to act as powerful guards against breaches in your cybersecurity.
  • So, this may seem like a bit of a no-brainer but, as mentioned earlier in this post, I’ve made the mistake of doing it before, so here goes: DO NOT write your passwords on paper! If you feel as though you need to keep some sort of record of your passwords, opt for a medium that is less physical and more virtual, such as a manager with AES encryption, or another kind of encrypted folder on your computer. Just don’t name any of the the folders ‘passwords’…and I promise I’m not laughing a little bit to myself right now at the thought of someone doing that. Anyway, though, back to the seriousness of this subject. Speaking of encrypting files and drives, I’ll be going over that in a future post. It might change your life so be sure to keep checking back ;)
  • Last, yet definitely not least, another important tidbit that may seem like a no-brainer is to not share your password with anyone, except for someone that you trust with your life and your money.

Oh, one more thing. Jeff admitted that sometimes it’s okay to re-use passwords to a degree on some sites. That said, he shared a trick that goes something like this: When re-using passwords, re-use part of the website being logged into in order to modify your password. Here’s an example: let’s say your base password is HoCySi2015@@ and you want to create a password for www.google.com.¬†An easy thing to do would be to simply add the first two letters of the website you’re creating the password for (Google) to your base password (HoCySi2015@@). In turn, your Google password would be GoHOCYSi2015@@. Pretty cool, huh?

-As a small footnote, this is not exactly what Jeff does, he does something a little more complicated. I mean, he is the master when it comes to cybersecurity ;) That said, even though we’re not all doing it exactly like Miagi, the method I just demonstrated is the perfect step in the right direction in terms of password security.-

More to come and stay secure!!

Related Posts
No related posts for this content
Christina Myers

Click Here to Leave a Comment Below 1 comments
midwestjones - a couple of years ago

I’m not sure there’s enough of a difference between passwords if you only add a “Go” at the beginning of your base password. I mean if the original password is compromised because it wasn’t hashed and/or salted correctly I’m sure any hacker would try the base password on other sites and when that fails wouldn’t they, too, just add a Go to the base password and see if that works?


Leave a Reply: