5 Tips for Better Password Security
Last month it was Target. This month, Neiman Marcus takes a turn in the media spotlight. The common thread tying these retailers together surrounds high-profile security breaches.
These security breaches serve as a reminder to anyone – business or individual – and particularly property owners about the importance of safeguarding sensitive personal information and financial payment data collected regularly from renters and prospects. One of the simplest ways to protect that data is to take password creation seriously.
Ah yes. The password. The sentry that guards all that valuable customer and corporate information. If you think of a password as a home security system, you certainly wouldn’t defend your home by asking a five-year old to sit on the porch brandishing a squirt gun. And yet, many people, office employees included, attempt to defend their valuable data by using the most commonly used—and easiest to hack—passwords.
The 25 Worst Passwords of 2013
Helping raise awareness and encourage the adoption of stronger passwords is password management application provider SplashData’s annual list of worst passwords. For the first time since SplashData began compiling its annual list, "password" has lost its title as the most common and, therefore Worst Password. Two-time runner-up "123456" took the dubious honor and “password" fell to #2.
SplashData's top 25 list was compiled from files containing millions of stolen passwords posted online during the previous year. The company advises consumers or businesses using any of the passwords on the list to change them immediately.
Your password isn’t “property” is it? If it is, don’t feel bad. Here's the full list of worst passwords from 2013, according to Splashdata:
|
Tips for Creating More Secure Passwords
Here are some suggestions for creating a more secure password. These are only tips and have not been proven to be fail safe. The idea is to stimulate your own inner personal password security system to create a usable, hack-free password that could keep your work and personal accounts secure and free from unwanted visitors (and unwanted transactions).
1. Mix Letters, Numbers, and Symbols
Many websites ask for passwords with a minimum number of characters with at least one number and a symbol. SplashData suggests using passwords of eight characters or more with mixed types of characters. But keep in mind that passwords with common substitutions like "dr4mat1c" can be vulnerable to attackers' increasingly sophisticated technology. Random combinations like "j%7K&yPx$" can be more secure but difficult to remember.
2. Be Random
Another suggestion from SplashData for creating more secure passwords that are easy to recall is to use pass phrases -- short words with spaces or other characters separating them. It's best to use random words rather than common phrases. For example, "cakes years birthday" or "smiles_light_skip?"
3. Avoid Basing Passwords on Application Used
According to SplashData, this year's list was influenced by the large number of passwords from Adobe users posted online by security consulting firm Stricture Consulting Group following Adobe's well publicized security breach. “Seeing passwords like 'adobe123' and 'photoshop' on this list offers a good reminder not to base your password on the name of the website or application you are accessing,” says Morgan Slain, CEO of SplashData.
In other words, if your system password includes the word “propertyware” you should change it immediately.
4. Avoid Using Significant Dates
This is a common occurrence in usernames and email addresses. Let’s say you get an email from jennifer4157. A smart hacker will guess that Jennifer was probably born on April Fool’s Day in 1957. And chances are she’s using that number combination in a password. Personally identifiable information incorporated into a username gives a hacker one more clue to guessing your password.
5. Avoid Using the Same Password for Multiple Websites
Avoid using the same username/password combination for multiple websites. Especially risky is using the same password for entertainment sites that you do for online email, social networking, or financial service sites. Use different passwords for each new website or service you sign up for.
The rental housing industry is subject to the same risks as any industry that collects sensitive personal information and financial payment data. This type of information is highly valuable and one of the best ways to protect it starts in the leasing office with highly secure system passwords.