Tuesday, October 19, 2010

Strong Passwords

Some of the common mistakes users make with passwords for web sites:


  1. Using the same password for all sites, even if that password is very strong. It exposes you to a very simple trick: hackers create a simple website that gives away something for free and recruit people to sign up. They collect the user IDs/emails at signup, then try each email/user ID at other sites with the password provided to gain access. Very simple but effective.

  2. Using a weak password. Everyone knows this is open to a dictionary attack. Also, it's easy for anyone standing over your shoulder to guess.

  3. Using “public” knowledge questions/answers for the “forgot my password” reminder. We all live in the world of Facebook, where every minute detail of your life is public knowledge. If the answers to your password reminder questions are just a Facebook search away, your strong password is of no use.

  4. Using the same easy-to-guess algorithm for all sites. Anyone getting hold of one of your passwords gets the keys to the kingdom for all your sites. Thus if your Yahoo password is oohay, it's easy to guess what your Amazon and Gmail passwords are.

  5. Happily typing your password into random apps/sites to pull your “contacts” into the app. We all live in a world of apps, and we have no idea who made them. They encourage you to type in your passwords for various sites (Yahoo, Google, Facebook) to automatically pull in your data from these sites. They might be a password collection trick too.


How to create strong passwords


  1. Use auto-generated passwords held under one password program like [lastpass] or [1password]. These programs are available for all OSes, smartphones, etc.

  2. Use a password algorithm, like the one suggested by Mozilla [mozilla].

  3. Use a common word phrase, but exchange each letter with the one physically next to it on the keyboard. For example, myamazonpass becomes ,us,sxpm[sdd
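The keyboard shift from item 3, together with a check for the per-site pattern described in mistake 4, as an added example that is not part of the original post. It assumes a US QWERTY layout and wraps around at the end of each row; the function names are hypothetical.

```python
# Added example. Assumes a US QWERTY layout; wrapping at the end of a row
# is an assumption, since the post does not say what happens there.
ROWS = [
    "`1234567890-=", "qwertyuiop[]\\", "asdfghjkl;'", "zxcvbnm,./",  # unshifted
    "~!@#$%^&*()_+", "QWERTYUIOP{}|", 'ASDFGHJKL:"', "ZXCVBNM<>?",   # with Shift
]


def _neighbour_table(step):
    """Map every key to the key `step` positions along its own row."""
    return {ch: row[(i + step) % len(row)]
            for row in ROWS for i, ch in enumerate(row)}


RIGHT = _neighbour_table(1)
LEFT = _neighbour_table(-1)


def shift_right(phrase):
    """Keyboard-shift a phrase as in item 3; unknown characters pass through."""
    return "".join(RIGHT.get(c, c) for c in phrase)


def shift_left(text):
    """Undo shift_right: the transform is a fixed one-to-one key mapping."""
    return "".join(LEFT.get(c, c) for c in text)


def derived_from_site(password, site):
    """True if the password, as typed or with the shift undone, contains the
    site name forwards or reversed (the per-site pattern from mistake 4)."""
    site = site.lower()
    if not site:
        return False
    needles = (site, site[::-1])
    views = (password.lower(), shift_left(password).lower())
    return any(n in v for n in needles for v in views)


if __name__ == "__main__":
    print(shift_right("myamazonpass"))
    print(derived_from_site("oohay", "yahoo"))
    print(derived_from_site(",us,sxpm[sdd", "amazon"))
```

Because the shift is a fixed mapping that `shift_left` undoes exactly, the phrase being shifted should still be different for every site.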
