P@$$w0Rd$

Posted on 10 February 2010 by Silke
No Gravatar

So.
If I come to your house, and try to log into your computer – do you think I'll get in?
How many of you have a password set to log in?
Yeah, we usually set one on our routers, but often the computer itself doesn't have one.
It should.
It's a basic step, but it's an important one.
Especially if you use a laptop.

I sat at work one day and the topic came up. I looked at one of my colleagues and said "I bet I can get into your machine inside of three tries."
He laughed.
Two minutes later he wasn't laughing anymore.
It actually only took me two tries, because I know him. I know what's important to him. That narrows down a longass list to practically nil.
His password was his daughter's name and her birthday. Since he'd mentioned two days earlier it was his daughter's birthday, all I had to do was use that date, knowing how old she is, her name – and combine it.
Bingo.
Yes, it really is that easy.
Even without that knowledge, it doesn't take all that long to break into someone's files.
You may think you have nothing worth stealing – after all, what would they do with family photos and such?
You'd be wrong.
Dead wrong.
Most of us store personal information on our computers. That personal information is worth a fortune to the right (wrong) people.

So lets look at the route a hacker takes:

First line of defense is your router.
Don't care which router you have, if you don't put a password on the dang thing, it's no defense at all.
Most of us have at the very least WPA enabled. This means to log on to our router, you need to know the password.
So if you use WPA (look in your router's settings if you're not sure), then I urge you to come up with a creative, long, nasty, hard to remember password. Use special characters, upper case, lower case and numbers — and use at least 8 of them.
How you arrange them is up to you, but the strongest password you can possibly think of needs to be on your router. (Don't use P@$$w0RD, it's useless.)
Think of something else. Let's say my name is Jane and my birthday is the 14th February 1973.
How about E73n19@2J14
Looks nasty, right? Looks hard to remember, right?
It's not.
What did I do?
I used Jane backwards, starting and ending with a capital letter. I substituted the a for an @ sign.
I also used the birthday backward.
It's not that hard to remember, but it might just throw some hackers off. (I wouldn't use my own birthday btw.)
It's better than Jane14273, that's for sure.
Be creative. :)

If your router runs WEP, you don't need to do this. You should be pretty safe, since that's already encrypted. (WEP > WPA > unsecured)
If your router has a firewall – turn it on.

Right. If someone gets past your router, they can get to your computer.
I run back to back firewalls. One on the router (hardware) one on the computer (software).
If you have a firewall with your antivirus software (i.e. Norton 360, or Nod32), then use that one, instead of the Windows one.
If you don't, keep the Windows Firewall turned on.

Right, so our hacker got past your router and he's trying to get into your computer.
If it isn't password protected… well.
Stick one on there too.
While you're at it, password protect your antivirus as well, if there is something that allows you to tamperproof it. (Norton and ESET definitely have a password protected settings option.)
If  you store sensitive information, and you run Vista or Windows 7, they already come with an option to encrypt folders. XP has the ability as well. Not sure on the Apple Mac, but I'm sure Apple isn't lagging behind in this department either.
Use it.
Especially on a laptop!

Yes, I know it's tedious. I know it's hassle having to log in with a password on your home computer all the time.

What's more, when you retire an old machine, don't just throw it out.
At the very least, take the harddisk out. If you no longer need to use it – don't throw the disk out – wreck it. Take a screwdriver and take it apart, smash it up.
If you sell a laptop or desktop, invest in some software that really wipes out the data, because a lot of those second hand computers are bought by not so harmless people, and even if you format the drive… the data can still be recovered with the right tools. (Trust me, I've done it.)
Yeah, it costs money.

Consider the alternative.
It's more hassle, more expensive and more tedious to resurrect your credit rating and identity.

Take steps to avoid it and get in the habit of doing it, it won't seem so tedious then.

Okay, I'm done preaching for the day!

Silke was born in Germany, but lives in England. She has written several paranormal romances:   HowlSmitten,  and -- coming May 2012 -- Watch Me

Thank you for being here. If you would like to read more by Silke Juppenlatz you can subscribe to Evilauthor's site feed, or subscribe to my (infrequent) book news.

Copyright © 2000-2012   Silke Juppenlatz
All Rights Reserved.

This entry was posted in Odds and Sods and tagged , . Bookmark the permalink.