Protecting Your Online Self

PadlockTips from a Longwood cyber security expert

With online security breaches increasingly in the headlines, Longwood’s resident cyber security expert, Dr. Randy Boyle, co-author of a nationally recognized cyber security textbook and professor of cyber security, offers some basic tips on how to stay safe in the cyber world. The key? Create a strong password.

Encryption doesn’t guarantee security

When a hacker gains access to a corporate network, he or she typically steals a copy of the password list—a list of encrypted codes called “hashes” and the corresponding usernames. All encryption does is slow the hacker down a little. Weak passwords, like 123456, don’t slow hackers down at all.

Hackers can try billions of possible passwords per second. They use dictionaries containing every word in every language and have special software that mangles those words into a surprisingly comprehensive array of possible passwords, including those with number combinations at the end. If you use a weak password, they’ll find a match in seconds.

Changing your password doesn’t make you secure

Most people don’t use very good passwords to begin with, and changing a bad password doesn’t make you more secure. When users create derivations of existing phrases (think, SuperPickles1, SuperPickles2, etc.), hacking a password is child’s play. Use that same weak password for all your online accounts, and your email, work computer and even bank accounts are at risk.

So, what to do?

First, use great passwords. There are plenty of tips around about how to create a password that’s hard to crack. The most common is to take a phrase that’s unique to you and shorten it, adding in special characters, numbers and capital letters. So “my favorite movie is Titanic” becomes “mif@vrTM0v!T*tanik”.

Second, utilize a tiered password system. For your most precious information, like online banking, use one particularly great password. For other shopping accounts, use another password. For other accounts, use
a different one. That way, if one password is hacked, all of your sensitive information will still be secure.

By: Matthew McWilliams

Comments

comments