Keeping yourself and your business safe and secure is essential, right? So why is it so many people use obvious, sometimes dangerously simply passwords? Here’s a few ideas on how to keep yourself and your business website safe.
But first, a story. Well, before the story, let’s have some background:
“According to a new analysis, one out of five web users still decides to leave the digital equivalent of a key under the doormat: they choose a simple, easily guessed password like ‘abc123’, ‘iloveyou’ or even ‘password’ to protect their data.”
When I first read about some of the terrible passwords people are still using, I really wasn’t surprised.
Shh .. can you keep a secret?
In one notable, recent example, I was asked by a former client to “fix” a web application I was developing so there was only the one username and password for everyone. At the time of being asked, I’d only set one account up, but someone had decided to share this account and soon after, people were signing in with the same account details.
The problem is, due to the security options I’d put in place, each person that signed in signed out the one previous. This was because the system couldn’t deal with two people signing in with the same account details. The client was dismayed.
“Why can’t we all sign in with the same details?”
“Because the system doesn’t allow more than one person to have the same username and password.”
“Can’t they just type their name in after they’ve signed in?”
“That’s the whole point of having a username; so the system knows who each user is.”
I replied calmly, trying not to sound patronizing or condescending. But the question, I suppose, is: why did they refuse to have a unique account for each member of staff?
Being a very large business that bestrides continents, they have thousands of staff all over the world, so issuing usernames and passwords for each member of staff would be a considerable undertaking, one their own IT people refused to manage, even though it was firmly within their remit. And, ultimately, no one could be bothered with having a new account to remember, on top of the ones they already have.
In the end, I came up with another solution, one that didn’t rely on usernames and passwords, one that was arguably as secure, but came with unique problems all of its own.
7 ways to keep your computer safe and stay secure on the web
Consider what you stand to lose if someone snags the password for your computer. For most people nowadays, they stand to lose just about everything.
So what can you do to stay safe and secure on the web? Here’s a collection of ideas for saving and storing all of those usernames and passwords to all of those websites and web applications you sign up to, as well as staying secure while using a computer:
- Avoid obvious passwords — OK, this is obvious by now, but do not use regular names (your own, for example), words (“duck”, “apple”, “tea”, “foot”, “dog” etc), notable dates (your own birthday, or national events) or sequential letters and / or numbers (“qwerty”, “123456” or “abc123”) for passwords.
- Password protect your computer — Most computers (such as Microsoft Windows, Apple Mac OS X, Linux etc) have user accounts. Don’t use the default account, because that’s often the master administrator account. Instead, leave that alone and create a new one, just for you. Then, set it up so you have to sign in every time your computer restarts.
- Be careful in public — If you’re sharing a computer, or using one in an internet cafe, do not allow the web browser to save your details. If someone else uses that computer and visits the same website, they could, potentially, sign in as you.
- Do you own a Mac? Then go into your Applications folder, then the Utilities folder and find the Keychain Access application. By default, many applications store your details there. You can use Keychain Access to add Secure Notes and new Password Items, to store your details securely and safely. Also, you can use Keychain Access to retrieve account details, should you forget them.
- Managing passwords on Microsoft Windows isn’t quite as straight forward; there isn’t an equivalent to Keychain Access. But there are tools built in that do help keep you safe — here’s how you manage stored usernames and passwords on Windows XP and Windows Vista.
- Don’t share your accounts with other people — Sometimes, you’re rushed for time and someone needs to get into application X right away! Sign in for them, let them do their thing and then make sure they sign out afterwards.
- Passwords on paper won’t do — Scribbling passwords down on scraps of paper, stuffed into draws isn’t optimal. You’re either going to lose them, or worse, someone will find them.
- Complex is good — When choosing a password, remembering it isn’t the most important thing, not with the plethora of options for securely saving them to your computer. So choose one that’s more than ten digits, a mix of numbers and letters, both upper and lower case. Some software will even let you use punctuation marks and accents, like [email protected]£$%^&*()¡€#¢∞§ which is even better, because then you have password that contains more combinations than there are grains of sand on every beach on earth.
Got a security tip to share? Let us know how you stay safe…