Saturday, September 10, 2011

The best password is a sentence, says expert

 
(CNN) -- These days anyone could be watching you, monitoring your every move, waiting to pounce and poach passwords to access your personal data.

"There are new attacks every day, we see something like 90,000 new pieces of malicious code coming into our labs every day -- that's one every second," said Graham Cluely, Senior Technology Consultant at the software security company, Sophos.

"The main motive to all of this is to make money," he added. "They want your email passwords so they can begin to commit identity theft and raid your bank accounts."

The most common passwords are words that you find in the dictionary like "password," "tablecloth" or even the name of a football club. Cluely dismissed these types of passwords as rubbish.

"Normally hackers use a dictionary attack," he said. "They would run your account against all the words in the dictionary until there is a match."

The best advice is to never use an ordinary word as a password. Cluely has a very simple method to ensure that passwords are more secure, easy to remember but difficult for hackers to crack. His example of a strong secure password is "F&WL2HH&E4D."

"You would be forgiven for thinking 'I'll never remember that!'" he said, before assuring me this is the simplest way to protect your data because the best password is, in fact, a sentence -- in this case, "Fred And Wilma Like To Have Ham And Eggs For Dinner" becomes "F&WL2HH&E4D."
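The sentence method above, worked through in Python as an added example (not code from the article or from Sophos). The substitution table is inferred from the article's single example, and the word list is a small constructed stand-in for an attacker's dictionary.

```python
import re
import string

# Substitutions inferred from the article's one worked example
# (assumption: the article gives no general rule set).
SUBSTITUTIONS = {"and": "&", "to": "2", "for": "4"}

# Constructed sample word list standing in for an attacker's dictionary.
SAMPLE_DICTIONARY = {"password", "tablecloth", "dinner", "fred", "wilma", "eggs"}


def sentence_to_password(sentence: str) -> str:
    """Collapse a sentence to one character per word, as in the article."""
    words = re.findall(r"[A-Za-z']+", sentence)
    if not words:
        raise ValueError("sentence contains no words")
    # Known filler words become a symbol or digit; every other word
    # contributes its capitalised first letter.
    return "".join(SUBSTITUTIONS.get(w.lower(), w[0].upper()) for w in words)


def in_dictionary(candidate: str, wordlist=SAMPLE_DICTIONARY) -> bool:
    """True if a plain dictionary attack over `wordlist` would match."""
    return candidate.lower() in wordlist


def character_classes(password: str) -> set:
    """Report which character classes the password draws from."""
    classes = set()
    for ch in password:
        if ch.isupper():
            classes.add("upper")
        elif ch.islower():
            classes.add("lower")
        elif ch.isdigit():
            classes.add("digit")
        elif ch in string.punctuation:
            classes.add("symbol")
    return classes


if __name__ == "__main__":
    sentence = "Fred And Wilma Like To Have Ham And Eggs For Dinner"
    derived = sentence_to_password(sentence)
    for candidate in ("tablecloth", derived):
        print(candidate, "dictionary hit:", in_dictionary(candidate),
              "classes:", sorted(character_classes(candidate)))
```

The article's own sentence is published, so it serves only as an illustration; a password derived this way should come from a sentence that appears nowhere else.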

Cluely recommends that a different password should be used for every website that requires a login so that hackers don't get a skeleton key for all accounts, and there are websites that are like virtual vaults that can help manage multiple passwords.

"You only have to remember one password to access a list of all your different passwords," he said. There are free websites like KeePass and LastPass for PCs and Macs, and 1Password just for Macs.

Cluely also stresses the importance of updating the anti-virus software on computers because of the potential threat of hackers stealing passwords as they are being typed in.

"They have a piece of software called Spyware, a virus which is basically looking over your shoulder and watches every keystroke you make," he said.

The most recent attacks that Cluely has been dealing with have been related to Osama bin Laden.

"The whole world has been fascinated by Osama bin Laden's death -- people have been going on the net and searching for videos of his death and photographs of his death.

"The bad guys, the hackers have been creating poisoned videos -- fake videos and fake pictures -- so if you go searching for that content on the internet, you might end up on a web page designed to infect your computer, steal your password and take control over your online identity."

Hackers poisoning pictures and websites relating to prominent news subjects is not a new phenomenon -- the same viruses appeared when Michael Jackson died, and during Prince William and Catherine Middleton's wedding for those who were searching for pictures of Middleton's wedding dress.

As hackers come up with new ways to infiltrate our personal data, we should try to be "cyber warriors" like Cluely -- starting by using a sentence for our passwords as a first line of defense.
