SIMPLE PASSWORDS CAN PUT YOU AT A BIG RISK

Is your password your spouse’s name, child’s name or pet’s name? or a combination of these?

Do you use the same password for multiple websites – your emails, social networking sites, online banking transactions, workplace login?

If you do, you are not very different from many others. Despite websites telling us to choose passwords that have a combination of letters and numbers, and are difficult to figure out, most of us still use passwords that are easier to fit our memory. And given the proliferating number of websites requiring passwords, it would look near impossible to remember multiple, complex passwords.

But the flip side of what you do is that, you could be asking for big trouble. According to information provided by security solutions provider Trend Micro, about 37% of those who fall victim to hackers are non-tech savvy net users who use simple passwords, such passwords make the job of cyber crackers easier and faster.

Pavan Duggal, a cyber law expert, says a weak password could result in you losing critical personal or professional data, or your money reaching someone else’s account without your knowledge.

More dangerously your hijacked computer can become a platform for a group of cyber criminals or terrorists to meet and interact. You may find it difficult to prove that you were hacked and therefore innocent. Such a criminal exposure can attract three years of life imprisonment under the IT Act 2008.

“Once you are at the receiving end, your road to justice will be long and winding and you may invariably never get the desired result,” says Duggal. Even the ‘secret’ answers that website ask for at the time of password registration are often dead giveaways. Based on a study of a group of 130 people, researchers from Microsoft and Carnegie Mellon University found that 28% of those who “knew and were trusted” by co participants managed to guess their ‘secret’ answers, while those who were ‘not trusted’ by the participants still guessed right a good 17% of the time.

For example, take the standard ‘what’s the name of you pet?’ question; it was guessed right 40% of the time by people that the participants would not trust with their passwords, a figure that rises to 45% for that old favorite, ‘Where were you born?’

A Gartner study conducted among 4,000 adults who browse online says consumers prefer convenience over security. Most aren’t interested in password management as they want easy way out and in.

Many net users won’t even know that their systems are under attack, until their systems stop responding or data/money is lost.
“A few months ago, one of my colleagues had a hacker attack; his computer stopped recognizing the password. But since he was a techie he could contain the threat and save the system from being hijacked,” says Rana Gupta, business head for India in Safe Net, an online security solutions firm. Amit Nath, the India head for Trend Micro, passwords could be compromised when buying movie, train, bus or air tickets online. “All these sites need not be fully protected. So it is critical to have a strong password management system for every internet user,” he says.

What’s a good password?

Most websites will advise you to use a combination of letters, figures, currency signs, etc to make passwords stronger. But these would still be difficult to remember and you are likely to note it down somewhere, which would be risky. One suggestion experts have is to create a phrase that’s easy to remember and then key in the entire phrase. Thus, you could have lgfSJCi1995 for ‘I graduated from St Joseph’s college in 1995’.

Generally, the longer the password, the better it is. And never choose a word from dictionary as your password. It’s easy for hackers to run programs that repeatedly try to log into your account using words from the dictionary. At some point, they will crack it.

http://unitechblog.com/