Circles of Trust - Using Passwords

Passwords are critical to your online security. Using strong passwords is not an inconvenience. It's something you have to do.

Not only are your email and online accounts protected by passwords but, computer, router and other equipment configurations are protected by passwords too. 

Websites and equipment have differing requirements for passwords, but most require a minimum password length, and try to encourage you to make your passwords
stronger by using a combination of letters, numbers and even special characters.


You can adopt some simple rules and methods that you can use for all of your passwords, no matter where they are used:

  • Never use common words for a password, or part of a password.

Bad people employ computers to help them do bad things.  A computer can attempt to log into another computer by attempting every word in the dictionary as a password in minutes if not seconds. 

  • Never use anyone’s name (especially pets, children, spouse, or friends), for a password, or part of a password.

Bad people will attempt to learn about your personal life for the sole purpose of learning names that you may use as passwords.

  • Make you passwords at least eight characters long.  The longer they are, the harder they are to guess for a person or computer.  I try to use a minimum length of nine characters for mine.


  • Use a combination of uppercase, lowercase, numbers, and special characters (if allowed - $#%*&, etc.)

You can use little tricks if you have problems remembering, like using a one for L, or $ for S, or combinations of unrelated words, like f1$h^car.  It is better to write them down and keep them somewhere safe, than to use an easy to guess password!
Note: Although, User names and IDs are often not case sensitive, passwords always are!

  • Always change the default password every device, site or program comes with when new. These are all well known!


  • Don’t tell anyone your password! If you have to tell your IT person at work a password, don’t do it over the phone, only give them work related info, and change it immediately after they complete their work.


  • Don’t use the same password for multiple accounts!  If you do, and one account is compromised, they are all compromised.

Your bank takes a tremendous amount of precaution to protect your information, including your password.  Many small companies do not!  If their security is lax, someone learns your password, and it is the same one you use for your online banking, well guess what? Bad people will try any password they find on many accounts, because they know people commonly make this mistake.

  • Always change your password(s) ASAP if you think there is any possibility, or chance that they have been or can easily be discovered.  (Think of misplacing your credit card. Is it lost, or did you just forget where it is?  When do you decide to call and cancel it?  Most of us would cancel it ASAP  if we were not sure!)

There has been some recent research that has questioned the effectiveness of changing your passwords frequently, on a schedule.  The argument is: If your computer or account is compromised, any resulting damage will most likely, be done immediately, and changing your password every 30 days won’t make much difference. I tend to agree but, only if the above rules are always followed!




~#~



Sign up with email to get updates from The Practical Computer
and subscriber-only tips and giveaways.


For more on Internet Security:

From The USA Educational Foundation: Internet Safety For Adults


From Family Online Safety Institute:

Top Internet Safety Tips for Parents (PDF)


From US-CERT:

Advice about common security issues for
non-technical computer users