Good Passwords Will Protect You from the Ashley Madison Hacks of the World

Friday, August 21, 2015

Don A. Kruse, GoLocalPDX Contributor

Racy? No. Glamorous? No. Passwords may not be sexy, but they are the single most important piece of your online security. Major online security breaches happen, and they affect millions of people -- think recent hacks at AshleyMadison.com, Anthem, JPMorgan Chase, Home Depot and the US Office of Personnel Management.

What can you do to protect yourself? In a word, it’s passwords.

A System for your Systems

Hacks are terrible. Having a good password won’t always protect your information from hackers, but it will make it more difficult for the hack to be more terrible for you in the long run. Make sense? Ensure that you have strong (and different) passwords for each online service that you use and have a system that helps you remember all those unique passwords. It’s a chore, but you can’t use ‘baloney1’ for every online service from OKCupid and Google to online banking and Facebook. You’ll need a different password for each service – and they all better be good.

Anatomy of a Good Password

Passwords should be a minimum of 13-15 characters. Yep, it needs to be long. In fact, bigger is better. Advances in password cracking are moving ahead fast so you need to keep up with the times.

For maximum security, you’ll need to change your passwords at least once per year (but every 6 months is better). Each of your passwords should be different for every online service you use. This is undeniably a pain but I have a system for you to use that will make this a no brainer.

Your New Password(s)

The passwords you come up with are going to be a compromise: they need to be good, but you need to remember them.

People aren’t good at coming up with passwords: so I’m going to make it easier for you. Just like counting cards to win at blackjack, you’ll need to learn a system.

Use a System

“Through 20 years of effort, we’ve successfully trained everyone to use passwords that are hard for humans to remember, but easy for computers to guess.” - XKCD Web Comic

The idea behind the system is not to make a perfect password. The problem with making a perfect password is it works great for a machine but you won’t be able to remember it. What this system will do is give you a good password, possibly even a really good password, but it is one you will be able to remember.

Essentially, you only have one password that you have to remember. This also helps you avoid the pitfall of using the same password for multiple services. The problem with that is if one service gets hacked then those hackers have the password to all of your online accounts. This system prevents that from happening (although good hackers might figure out your system, I have remedies for that).

Generating a Password

The foolproof formula is to use a [random word] + [3-digit number] + [random word] + [first 3 letters of service]

Use a password assistant (see the links below) to generate a password for yourself, such as ‘praY517*apron’.
Add the first three letters of the online service to customize the password for each online service. For example, Facebook becomes FAC, Netflix becomes NET, Zapos becomes ZAP, Google mail becomes GOO and so on.

Now combine this with your password and 'halloW517*apronNET’ is your new password for Netflix.

- praY517*apronFAC (Facebook)
- praY517*apronZAP (Zapos)
- praY517*apronGOO (Google mail)

When it’s time to replace all of your passwords, change the order of the pieces. Your password for Facebook might then become apronFAC517*praY. Got it?
Pitfalls and Solutions

There will be some problems using this system because some services don’t support good passwords. They limit you to very few characters and/or they don’t allow the use of non-alphanumeric characters (symbols), or they limit you to just a few. This is bad security practice and these sites and services should use better password standards. That said, there are several methods to deal with these sites:

- The symbols * & - _ # @ are the most likely to be accepted by systems that don’t support good passwords.
- If you encounter sites that won’t accept your good password—yes even some banking sites have strange rules—create a second password that will work with services that only accept short and/or simple passwords. You can still use the system for these.

Nerd Stuff: 2-factor authentication

Two-factor authentication is a good way to make your online accounts secure. What two-factor authentication does is add one more step beyond just your password. Usually this involves linking your online account to an app on your smartphone. When you log in with your password a digital key is also sent to your smartphone app, you then approve the connection and you’re in. If someone had your password, such as your 13-year old son, he couldn’t get in without also having your smartphone. Your smartphone is passphrase protected right? And only you know the code, right?

Don is the Information Technology Manager at law firm of Stahancyk, Kent & Hook in Portland, Oregon. He is a member of the Portland FileMaker Pro User Group, the Apple Developer Connection, and the InterFace 2010 Advisory Council for Oregon and Southwest Washington. He enjoys blogging on his own web sites and others, providing technical support tips in web forums, talking long walks with his son, and learning home improvement and gardening.

Related Slideshow: Mum’s the Word: Life and Beauty Hacks for the Mom on a Budget

Prev Next

1. Shop Resale

Scouring thrift stores may have not always been cool, but thanks to Macklemore and hipsters, shopping in the thrift store is a new trend.

Embrace that.

Shopping resale offers you a great way to spend less money on clothes that your children will grow out of in two hours.

For you, by shopping secondhand, you can continue wearing those designer brands even if you aren’t making that designer money. Thrift stores, consignments stores, garage sales, and EBay are all fantastic ways to look good and stay in your budget at the same time.

Prev Next

2. Drive-in Theaters.

Drive-in theaters are a lifesaver. They are typically cheaper than regular theaters, and you often get to see two films for the cost of one.

So what if Mom is tired of watching cartoons, though?

Well, if you have a pair of headphones and a smart device, you’re in luck. At a drive-in, you can watch a previously downloaded movie on your smart device while your kids enjoy the movie on the big screen.

Prev Next

3. Non-traditional Manicures

Manicures make us momma’s feel fancy even when we know we’re only moments away from having to change a poopy diaper or scrub vomit out of the only clean pair of pants we have.

On the other hand (pun intended), getting a manicure every couple weeks can be expensive.

Coming to our rescue are the nontraditional nail wraps or Jamberry nails to help keep us looking fresh. These are cheaper options for having pretty tips and toes, and you can apply them yourself at home.

Photo Credit: Jamberry Nails (Image Cropped)

Prev Next

4. Downward Dog at Home

I am a wannabe fitness fanatic. I love nothing more than going to the gym at the end of a shift at work to see if I can lift more pounds than the 65-year-old man bench-pressing next to me.

On the other hand, gym fees and their associated “daycare” service puts a small yet significant dent in my wallet.

Despite that, I’m still able to get my fitness on everyday by watching one of the myriads of workout videos on YouTube. Sure, my neighbors walking past my window think I’m crazy, but this way I’m able to keep my biceps and that extra $50 -$70 a month that I would’ve been spending at the gym.

Prev Next

5. Digital Coupons

This one is a no-brainer, but I see so many of my friends and fellow mamas forgetting to take advantage of digital coupons.

Groupon is a popular one to use for tickets to the movies, dinners, or vacation packages. However, did you know apps like RetailMeNot alert you the second your favorite store is having a sale or offering a discount?

Other coupon apps like SnipSnap also allow you to share your coupons with friends and customize the list of stores you want to be given coupons for.

Finally, the fact that they’re digital give us Millennial Mamas a legitimate reason for having our phones out.