They’re coming for you: Passwords, Hacking, and moreSubmitted by S. F. Ehrlich Associates, Inc. on June 28th, 2021
June 30, 2021
Security is very important to us, and we think it should be equally important to you. That’s why we frequently include articles about what you need to do to help protect yourself against identity and other theft.
Unfortunately, you may be victimized as a result of shortcomings by others. If you have a credit card from a company whose servers get hacked, there’s little you can do to prevent your personal information from being stolen. On the other hand, we sometimes contribute to our own victimization, so let’s review a few steps you can implement with little or no cost.
First, a question: Do you know how long it would take a hacking program to figure out your 8-digit, all numbers password? The answer: Instantly. That’s right; no time at all. How about a 10-digit all numbers password? Instantly! How about a 13-digit, all numbers password? 4 minutes.
Clearly, the object of pointing out the lack of security in a pure numerical password is to demonstrate that passwords should be more than just numbers or letters. (By the way, it takes 2 minutes to hack a 9-digit all lower-case password.) As you can see by the chart below, using numbers AND lower-case letters AND upper-case letters AND symbols yields the best results. How can you go wrong with a 10-digit password that combines all the above and would take a hacking program 5 years to hack! (Tip: Kiplinger’s Personal Finance1 recommends using a password manager, like Dashlane, Keeper or Lastpass, “to securely store login credentials and to generate strong, unique passwords for each account.”)
Source: Hive Systems
Here’s a tip that never gets old: never (NEVER!) open a link included in an email. If you get an email from “Social Security,” for example, that includes a link for you to use to read an important notice, go directly to the Social Security website and log in from there. (Always Google the website you are looking for, as opposed to using any link included in an email.)
To confirm that an email is suspicious, hover over the sender’s address. An email allegedly sent from Social Security may have a return address of SocialSecurityNotice.com. In fact, the real address of Social Security is SSA.gov, so seeing a potentially phony return address would be the first clue that the email was, in fact, a phishing scheme.
Another tip that you shouldn’t disregard involves those annoying notices you often see on your iPad, iPhone, and computer screens alerting you to update your software. Do it! Many software upgrades involve enhanced security because Apple, Microsoft, and others are trying to stay one step ahead of the hackers. And make sure your computer security is enhanced with an anti-virus program like McAfee or Norton. They’re the first line of defense in protecting your computer.
We get too many calls telling us that passwords had to be changed due to security breaches. We know it’s time-consuming, unsettling, and potentially costly. Often, these kinds of disruptions to your life can be avoided, but you have to initiate your own defenses for them to work.
1 Gerstner, Lisa. “Protect Yourself Against New ID-Theft Schemes.” Kiplinger, 27 May 2021.