The following audio & transcript are from a live computer Q&A event I recorded back in 2008, discussing a topic which is just as important today as it was then.
This segment is a lesson giving a few tips on choosing a safe password, and also explaining a why it’s important to use strong passwords (and why assuming no one would target you is missing the point).
Due to the nature of the live recording the audio will sound a little “thinner” than usual, and I may talk a little bit faster than I normally do on my “studio recordings”.
Use the player below to listen and you can find a transcript of the audio below the player.
AUDIO LESSON TRANSCRIPT BEGINS HERE:
I want to give you a couple of guidelines when you’re setting passwords. There are a lot of mistakes I see people making with passwords.
You want to follow some guidelines. One, for example, would be to not use the same password for everything.
I know it’s easier to remember, but it’s also an easy way to get into your stuff.
You have to think of passwords like keys. I would hope you would not use the same key for your house, car, post office box and safety deposit box.
If someone gets one of the keys, they can unlock your life.
In addition to not using the same password over and over again, which I see people do all the time, you need to use a hard password — a “strong” password is the term. This is a more complicated one.
I want to go back to my analogy of a password being like a key. The type of passwords I see most people using tend to be simple, regular words that you find in the dictionary or a person’s name.
In a recent email, I told a story about how 10 or 12 years ago, I was working at a computer shop in upstate New York where I used to live.
Someone brought in their laptop. When I flipped the thing open and turned it on, I was somewhat dismayed to find that it had a password lock on it, which was pretty uncommon at the time.
She hadn’t bothered to tell anybody that there was a password. I couldn’t get in without it, but it also happened to have “If lost, return to Lisa,” or whatever her first name was, and the address.
When I saw that, the very first thing I typed in was her first name, and that was the password. Not only did she use her own name as the password, but she also had it printed right on the screen.
I guessed on literally the first try.
If I had been a criminal, or if someone had stolen the laptop and made the same guess, they would have had full access to everything on the computer.
It’s really important to use a strong password. The general guideline suggested for this is to make it long, and the longer it is, the better.
You want a mix of letters and numbers. Get it as far away from a regular word that you might find in the dictionary as you possibly can. Mix uppercase and lowercase letters in a random way and even put in symbols like an exclamation point.
This will create a much stronger password.
You might be thinking, “Why do I need to worry about my password? Who is going to target my information? Who’s going to target my computer?”
You can’t think of it that way because criminals these days use the internet. They use the internet and programs on the computers to commit crimes just the way that they used a lock pick in the past.
If you think of a computer as like a house, these programs are like a burglar. They can basically clone themselves a thousand times over and go to every single house in a dozen neighborhoods all at the same time.
They try every single door to see if there is no lock on the door. In other words, there is no password. They look to see if it has a bad, weak lock or an old-fashioned type of lock, both of which, of course, are easy to pick.
To use my key analogy, if you have a weak password, it’s like having a really old-fashioned key in an old-fashioned lock, like something they had 150 years ago. The reason they make different keys now, smaller and more complicated, is to make them harder to pick.
It’s the same idea with your password. They use these things called “brute-force password cracks.” They are little programs that basically try all the words in the dictionary starting with common ones.
They run through them a thousand times in a minute on each computer, on a thousand computers at once.
It doesn’t have to be targeted, but you can still have your privacy violated or identity theft done on your computer if you’re not protecting it properly.
There’s a whole series of things you can do to protect it, including adding a firewall and doing a lot of other things, which I deliberately included in my computer training courses, and I talk about them in my newsletter and so forth.
You can find more in-depth audio and video lessons expanding on computer security topics in my online courses, especially in the Safe & Easy Internet course for Apple Mac and the Safe & Easy Internet course for Microsoft Windows.