Make Your Passwords Complex, and Change Them Often!
These days there are more security threats than ever before. The simplest precaution you can take is to have a good password and to change it frequently. I know, I know, everyone thinks us techies are just paranoid; However, we are not paranoid geeks, we just understand how hacking technology works and we want you to be protected.
Why would someone want to hack me?
Don’t take it personal, they aren’t just targeting you, they target thousands of people at once. The hacker sets up “bots” which are little programs designed to guess your password one letter at a time, thus doing all the work for him. It can take days, weeks, even months for the bot to eventually compromise it. Once the program a.k.a “the Bot” gains access, the hacker is then notified that he has access to the particular resource the Bot compromised.
So if it guesses one letter at a time why should I have a secure password?
Usually these applications use dictionary files, which contain various words of the English language. If you set your password to contain an upper case, lower case and a symbol, this will throw a huge wrench in the Hackers scheme.
Why should I change my password from time to time?
As the program works it tries to crack one letter or number at a time, sort of like a safe when you get one digit. Given it can take a tremendous amount of time, once you reset your password you have just sent the hacker back to square one.
Account Lockout Policies:
Another great security you can take, which is done on the network admin side, is account lockout policies. Account lockouts lock an account after X amount of invalid log in attempts. This slows the bots down by astronomical proportions. Thus, if you have a strong password and change it frequently in combination with a lockout policy, you make your resource virtually inaccessible to a hacker by standard means. Many sources these days have an account lockout policy – Gmail and Facebook are prime examples of this.
Bottom line is Hackers don’t want to work hard and neither do their Bots, so users with very easy passwords are their primary target and there are plenty of those out there. So make yourself difficult to deal with and the hackers will most likely pass you by.