Strong passwords are very important with all of the hacker-sophistication that exists in today’s world. Let me give you a couple of examples of why. Recently I was sent a message from a long-time friend who shared a YouTube video. The message was “You won’t believe what I found, a video of you from a long time ago!” It was sent through Facebook Messenger and I thought it was a legitimate share. But when I clicked it a login page of Facebook appeared.
I thought at first that I clicked on the wrong area of the image link. So I clicked again but on the text link part of the share and the same thing happened. This was suspicious to me and so I checked the URL and it was of some obscure domain and I immediately knew it was a Phishing scam.
Now I am very aware of things like this, but this one really had me fooled up to a point. In my work, I look at URLs all of the time and so I knew to check that. A lot of people don’t unfortunately, and many would be fooled into thinking they need to sign into a fake Facebook login page willingly giving away their username and password to hackers. All it takes is one weak password to affect everyone else.
I message my friend back to let him know that he has been hacked. Later I noticed he posted to notify all of his friends that he had been hacked and to not respond to the message. I’ve seen this play out many times on Facebook, though this was the first time that the trick almost got me. See, even though I’m aware of these things I too can be caught off guard, thankfully I wised up at the last moment… right before I decided to enter my username and password in the fake login page. The use of a strong password would have prevented my friend from being hacked.
Here’s another example. A few years ago I started working for a company whose focus was managing online reputations (reviews, testimonials, SEO etc.) and when I got in there I realized that the problem they were working their way through was bigger than was explained to me. They had been hacked and had to hire a specialist to clean up all of the websites they manage for their clients. I thought oh, ok the hacker must have been really good. Wrong.
When I got down to looking at their logins and passwords I realized they were doing what I used to do—use a document file to store all of the usernames and passwords. Many of the passwords were one word and a couple of digits or two words in length… weak, easy guesses. A couple of the passwords were used over and over for different client websites. That to me was crazy, and no wonder they got hacked! The common denominator here is weak passwords!
How do I know this? Well, a simple internet search can tell you, and I can also tell you that I’ve never been hacked, and neither have any of my clients because of strong password use. Now there was a time when I was using not so strong passwords, and I was storing them in a Microsoft Word file on my computer. Looking back I can’t believe I was never hacked, but that was also a time when hacker methods weren’t as pervasive, strong, or clever as they are today.
So what is a strong password?
It’s certainly not your pet’s name or “admin123.” Most everyone dislikes passwords from having to remember them, and so they create one that is easy for them to remember. While it may seem easy for you to remember it is also one that can be guessed by highly sophisticated algorithms hackers use to find them out.
Get out of using passwords that are easy to guess, or made up of one or two-word phrases. With three words you are getting stronger, but four, five, or six are even better. For example, “sloughs-orca-cledog-thecage-barrel” is a lot harder to guess than one or two words but it’s still lacking some serious complexity. What is best is to combine capital and lowercase letters, numbers, and special characters together. Better still, create a password that is 15 to 25 characters long. For example, this one is very strong: _MPgreVVQ4XrE2!a7r9@W-grR.
What!? How am I supposed to remember that?! Exactly! This is one of the big reasons why we have so many people getting hacked! It’s next to impossible to remember passwords like this.
In 2006 an app called 1Password.com came along and changed my life, not just my work, but my life. 1Password is a password manager and the way this one works is all you have to remember is one password, the password that gets you into it where all your password accounts live. Once inside you can create password accounts with a strong password and never have to remember what you create because it’s always a simple autofill or copy and paste to log in to whatever web account you’re wanting to log in to. Lastpass.com would be a direct competitor of 1Password but I’ve always been happy with 1Password by Agilebits because as far as I know, they were the first to create a standalone password manager.
Now the key here is that it is a standalone app, one that is not part of the browser you are using. There are browser-based password managers but I wouldn’t trust those because that’s something that maybe a sophisticated hacker could find a way into. Well, couldn’t they find their way into a standalone password manager? No, because if it’s locked down with your one password to get into it, that wouldn’t be possible unless you somehow allowed full control of your computer to someone else. Maybe, then maybe they might be able to get in, but I’m pretty sure most people would never allow that to happen. Most computers today have security in place so that very thing would not happen.
So I graduated from using a Word file to 1Password and it changed my life. With this password manager that I use I can log in and out of web accounts very quickly without ever having to remember super-strong passwords. I can work with peace of mind, work faster, and work in an organized manner as storing and organizing password accounts inside a password manager makes naming, tagging, and searching for accounts super easy, fast, and convenient.
It’s a much better way than what I was doing before. A standalone password manager is not hard to learn or use, and the costs are low… heck they are some of the best, cheapest insurance you’ll ever pay for. They protect your business and your life from the inconvenience of being hacked from the use of weak passwords. I highly recommend you start using one as soon as possible!
If you’re having security issues with your website, schedule a call with us now to see how we can help you get back onto the road to success.