P1 Technology Helpdesk
with John Rivera
P1 Tech Help: 7 rules for better password protection
Passwords are an everyday part of our lives, both on duty and at home. Many of us are saving money by paying bills online or purchasing equipment online. Some of us are even advancing our careers through online training or logging on to PoliceOne.com to advance our individual knowledge. I am sure you have navigated around on PoliceOne and perused the site to see what it has to offer, and soon found out that you need a P1 login with a password to view the secured portion of the website. This is, by the way, where a lot of the good stuff is posted, in case you haven't noticed.
The fact is, much of the above is easily accessible on the Internet from a computer or smart phone, but in order to get many things, you must log in with a username and password.
Usernames are typically your name or initial of your first with your last name immediately following your initial, but passwords are (and must be) unique. Usernames are often easily figured out, but passwords are unique to the person who thought of it. Passwords can even be considered electronic signatures, so when you think of a password you must think out of the box. If your password is strong enough, it is virtually impossible to crack into whatever you have protected by that password. However, if it’s weak, it’s practically worthless.
You wouldn’t believe how easy it is to figure out a person’s password. For instance, a friend dared me to figure out their password. I entered their username and sat for a few minutes in front of the computer. I knew the person liked to fish, I entered “fisherman” as the password and was able to log in. They could not believe I had it figured out so quickly. Do not use your birth date, family name, favorite hobby, or anything that can be closely associated with you or your family.
Hackers think out of the box to crack into whatever they are trying to enter via computer. Some even remotely enter a computer and upload an automated program (virus) that runs in the background inside a computer and retrieves passwords. There are websites that offer “freeware” programs to expose passwords on a computer. So, if you access a secured site via a “public” computer, be wary that it may have a program that records your typing.
Many web sites are now requiring a minimum amount and variation of characters for a strong and secure password. For instance I have used a variation of numbers, characters and letters in another language as my password for ten years. You can substitute numbers for letters, letters for numbers etc, characters for letters or numbers. The variations are endless.
Knowing a second language can help because you can create a password in the other language.
For some help, you can check out www.passwordmeter.com, a website that can guide you how to construct a strong password.
Meanwhile, some simple password rules are:
1) Do NOT tape your password under your keyboard or anywhere close to your work station.
2) As mentioned above, don’t use your birth date.
3) Don’t use family names, birth dates, or commonly-known information.
4) Do use a combination of letters, numbers, and characters.
5) If you are able to, use another language in combination of letters, number, and characters.
6) Never, (NEVER!) share your password with someone else.
7) If your password is compromised, immediately change it.
$t^4 S@f3 (Stay Safe)