90.9 WBUR - Boston's NPR news station
Top Stories:
PLEDGE NOW
Here and Now with Robin Young
Public radio's live
midday news program
With sponsorship from
Mathworks - Accelerating the pace of engineering and science
Accelerating the pace
of engineering and science
Monday, October 17, 2011

Making A Secure Password–That You Won’t Forget

Computer security expert Steve Gibson says you can test your password strength at the GRC Haystack Calculator.

Computer security expert Steve Gibson says you can test your password strength at the GRC Haystack Calculator.

Last week, federal authorities arrested Christopher Chaney and charged him with hacking into the e-mail accounts of celebrities like Scarlett Johansson and Mila Kunis.

But, as many of us unfortunately know, celebrities aren’t the only targets of e-mail hackers. We need passwords for our e-mail, our banks, social media sites, photo sharing sites — and more. So how can you make sure your password is secure?

Computer security expert Steve Gibson told Here and Now‘s Robin Young that there are ways to make your password harder to hack but still easy to remember.

He says adding a pattern of symbols at the end can make a password much harder to crack. For instance, Robin tested some passwords on Steve Gibson’s Haystack calculator and found that the word “password” could be hacked in milliseconds, but “passwordH3!!!!!!” would take thousands of centuries to guess.

How To Make Password More Secure

  • Don’t use common passwords (See top 500 worst passwords of all time- language advisory)
  • Don’t use information from your life that can be found easily — birthdate, pet’s name, maiden name
  • Do pad your password with symbols: “Bubbles!!!!!!” or “Smile:):):):)” are more difficult to discover with the symbols
  • Do use different passwords for different websites
  • Do test password strength at the GRC Haystack Calculator by using a similar password — never enter your real password anywhere but the site you are logging into

Do We Need To Change Passwords Often?

Steve told Robin that, contrary to popular belief,  it’s not necessary to change a strong password. He writes:

“I see NO benefit, and only liabilities, associated with changing good strong passwords…There is no generally agreed upon security threat model that suggests any benefit from periodically changing a good solid and strong password… Periodically changing an already strong, safe and secure password does nothing other than create an opportunity for error during the change (which is why we’re always asked to re-enter a newly changed password), and further needlessly burdens the user with the need to ‘forget’ their old password in addition to remembering a new one.”

Note: Here & Now’s Twitter account recently fell victim to a common phishing scam after our social media editor clicked on a link from another phished account.

Please do not click on any links from our Twitter feed @hereandnow that have messages like “Found a funny picture of you!” or “I saw a real bad blog about you, you seen this?.”

As our social media director Robin Lubbock advises:

  • If you find yourself on a Twitter login page (or any login page) always check the url in the address line at the top of your browser.  Check that it matches the company whose page you are allegedly on.
  • Don’t click on links that could be phishing links.

Guest


Please follow our community rules when engaging in comment discussion on this site.
Robin and Jeremy

Robin Young and Jeremy Hobson host Here & Now, a live two-hour production of NPR and WBUR Boston.

November 20 3 Comments

The Man Behind ‘Mockingjay’

Francis Lawrence describes the rewards and challenges of bringing "The Hunger Games" books to the screen.

November 20 Comment

Iraq War Vet Wins National Book Award For Fiction

The judges described the short stories in Phil Klay's collection "Redeployment" as brutal, piercing and sometimes darkly funny.

November 19 11 Comments

New Film Revisits The Jerry Sandusky Sex Abuse Case

The Penn State assistant football coach will likely spend the rest of his life in prison, but that's not the end of the story.

November 19 222 Comments

Without Slavery, Would The U.S. Be The Leading Economic Power?

Edward Baptist argues in his new book that slavery was integral to establishing the America as a world economic power.