Passwords: Your First Line of Defense in Internet Safety

February 5, 2014

Login by: Doug Zbikowski
It’s amazing how many Internet services an average person uses. For example I’ll pick on my parents as they’re the least tech- savvy  people I can think of at the moment: they fall in the “light user” category, yet in an average week they may log into :

  • email
  • Facebook
  • a couple of banks
  • investment accounts
  • health insurance website
  • several retail store accounts
  • Amazon
  • credit card services
  • utility services
  • Netflix

…and probably more. That’s 10+ services for a novice user on a weekly basis. Each one of these services requires a way to identify yourself, and that’s usually in the form of a username and password.

Passwords are a weak link in any security system. Forming a password means you have to remember it, and when you’re using several services it gets difficult to keeps things straight. You may get past this by habitually using the same password for everything. To make things even easier, you may be using a simple word or name for your password. On top of these, many services require you to use your email address as your username, and you may be using your email password to log into other services as well.

We all do this- heck, I’ve done it. The major flaw with this practice is you end up with the key to your email messages being stored by several 3rd parties on the Internet. If even one of those services gets compromised by a hacker, they’ll also have full access to your email. From there they can see what services are sending you  promotional messages, statements, and bills, use your email account to reset passwords, and gain access to any number of your accounts. Savvy hackers even use social engineering to get information out of friends or family: they may send a message to a coworker or a family member asking for their password information, links to viruses, or even requests to send money to their bank accounts – since the message looks like it came from  you they may very well comply with the requests.

Scary!

Passwords Are Serious Business

According to our security partner GFI , the most common passwords are:

123456
123456789
1234
password
12345
12345678
Admin
123
1
1234567

If your password is on this list (or anything similar) and your account gets attacked, your information can be accessed within seconds. Numbers especially are terrible passwords as computers can generate huge lists of numbers instantly, meaning a numbered password is essentially one step above having no password. Keyboard patterns (qwerty”, “zxcvbnm”, “poiuytrewq”) and words found in the dictionary are in this same group. Hackers don’t just sit there and try to type in different passwords. They often employ specialized hardware and software to generate password possibilities. One report I recently read from Security Ledger demonstrated how off the shelf graphics cards used for PC gaming can be used to try  billions  of passwords at once.

The next most popular set of passwords involves the name of a family member followed by a number. Out of 10 people reading this, I’ll bet one of you is using something on this list:

Emily1
Joshua1
Jessica1
Jack1
Sarah1
James1
Olivia1
Thomas1
Georgia1
Matthew1

This is a recent list of the most popular names for boys and girls followed by a “1”. Using any names associated with you makes it easy to figure out your password. Shy away from using proper spellings of children, pets, or possessions. Adding numbers to the end doesn’t help much, so it’s best to avoid the practice. Other personal information to avoid are proper spellings of birth dates, maiden names, or anything else that can easily be tied to you through a bit of research.

The best tip, and I can’t stress this enough, is to stop grouping your email address and email password together when signing in to services. If an account requires you to log in with your email address, that’s completely fine. However, you do NOT need to use your email password to log in. Using a different password will prevent any security breaches on that service from giving access to your email account.

Complexity Can Be Easy

You need to start using complex passwords. It’s actually easy to create a “hack-proof” password using a few simple tricks:

  1. Use a minimum of 8 characters in any password. Each character you add after that exponentially decreases the likelihood of it being guessed.
  2. Mix capital and lower case letters, numbers, and characters together. Feel free to use characters in the place of letters:  “eric1234” is a terrible password, but Er!cOne23Four is an excellent password. It’s the same thing, just typed a different way.
  3. Change up a variation of the same theme. Instead of names, maybe make the password relevant to the service you’re logging into. For instance, if you’re logging into your bank, maybe using something like “Ihave3.9%F1nanc1ing”
  4. Another method is to make a “base” password, and then change the beginning and ending for different services. If you make a base password of  “baseball”, maybe use an attribute of the service you’re using before and after the word. Example: if you’re logging into First National Bank, you could use $avingsBaseball@ccount.

The trick is to come up with a pattern that you can remember, but looks complex to everyone else. DO NOT write down passwords anywhere. Most services offer “reminder tools” to nudge you in the right direction if you find yourself with a temporary case of password amnesia. Use these tools rather than relying on a piece of scrap paper that anyone can get a hold of.

Once you come up with your password, you can check its “strength” with Microsoft’s Password Checker Tool:  https://www.microsoft.com/security/pc-security/password-checker.aspx. If your password comes up as medium strength or less, revise it until it gets a ‘strong’ rating.

Many Internet users are simply unaware of  the importance of security. It is a huge concern, and you need to do your part to protect yourself. Even if you consider an account to be unimportant, the bits of information it contains can easily lead to bigger problems down the road.

Like us on Facebook   Follow us on Twitter!   Email us!

New Business Broadband Plans!

By Mike Pawlecki March 31, 2021
TOAST.net is excited to offer 4 new Business Broadband plans

New Fiber for Business Plans!

By Mike Pawlecki March 11, 2021
TOAST.net is excited to announce 3 new Business Fiber Plans

New Residential Fiber Plans!

By Mike Pawlecki January 12, 2021
TOAST.net has added two new residential Fiber Internet plans!

Switch to Universal Pricing

By Mike Pawlecki August 14, 2020
This coming Monday, Aug. 17th, we will be switching to universal pricing -- one price for all DSL speeds (around $65) and one price for Fiber (around $90). So if anyone is thinking they could use one of our basic service plans, now's the time to order. For example:  DSL - 12 Mbps for $43.95/month - Great for seniors on a fixed income. Plenty of speed for surfing the web, checking email, and streaming for 1 or 2 TVs. Fiber - 60 Mbps for $45.00/month - Awesome solution for just about any household. Note that fiber is a new technology and only about 20% of the country can get it.  Check your address to see what service you qualify for and order by Sunday, 8/16/20! This is your last chance to lock in the speed and price of a great DSL or Fiber plan before they are grandfathered! 
Google Meet for your home or office.

Google Meet

By Mike Pawlecki May 20, 2020
Google Meet is now free for everyone. Check out TOAST.net's blog that tells you more about Google Meet usage at your home or office.

Work from Home (part 2)

By Mike Pawlecki May 1, 2020
Google - Meet Meet is video conference software, similar to Zoom. To help businesses, schools, and people around the world navigate remote life, Google is making Meet free for everyone with availability rolling out over the coming weeks. See Google's blog post for details. SolarWinds - Take Control You may need to run applications off your PC or server at the office. In that case, SolarWinds makes makes an easy-to-use application that allows home users to remote desktop to their PC in the office. It's secure and doesn't require special hardware, a static IP, or VPN. We're offering this software free of charge for 90 days. Please contact us if interested.

Work from Home

By Mike Pawlecki March 20, 2020
This week we've taken quite a few calls from companies asking how their employees and staff can work from home (WFH). We're happy to offer several WFH solutions to help organizations mitigate health risks to employees and customers. TOAST.net understands how important it is to keep your employees connected, productive, and safe during this unprecedented pandemic. Here are the services we have to help your business through this difficult time : Business Portal is a 'home page' for your browser that improves communication and efficiencies within your organization. It's a private Intranet that features company news, announcements, links to vendors and cloud apps, an employee schedule, and more! We offer this at no charge to our customers. Visit https://start.toast.net Google's G Suite - TOAST.net is an authorized reseller of G Suite, a cloud-based collaboration tool featuring Email, Calendar, Chat, Hangouts (video conferencing), and Drive. You can create files, documents, spreadsheets, and presentations with just your browser (no software to install) and share these with fellow workers, customers, and vendors. More info Remote Desktop - an easy-to-use application that allows home users to connect to PCs in the office. It's secure and doesn't require special hardware or a static IP. We're offering this free of charge for 90 days. High-speed Internet for Home - We provide residential Cable, DSL, and Fiber Internet service . So you can pay for your employee's Internet connection on your business invoice. Please contact us if you're interested in any of these services. B est wishes to everyone to stay healthy, safe, and upbeat as we socially distance ourselves for a quick end to this situation. Note: Our customer support team continues to work their regular hours. We operate support teams in multiple locations and, while there may be some disruption at certain locations for a limited time, overall we do not expect any significant change in access to support.

Cut The Cord With Unlimited Data

By TOAST.net Internet January 28, 2019
In the month after Christmas, we’ve seen a high demand for our Internet service with unlimited data. Much of it is from people wanting to use their new streaming device (Fire Stick, Roku, Chromecast, Apple TV, etc.) to cancel their expensive cable TV service. This is commonly referred to as “cutting the cord.”

Fiber Expansion

By TOAST.net Internet December 17, 2018
TOAST.net is pleased to announce fiber Internet service in 12 new metro areas:

Start Page Updates

By TOAST.net Internet December 12, 2018
Moved Facebook link from top bar to the Popular Sites section. Added Yahoo Finance to the Personal Finance section. Yahoo Finance is one of the largest business news web sites in the United States by monthly traffic.
More Posts
Share by: