
About Cheryl Biswas

Writer, reader, techie, Trekkie. InfoSec and political analyst. Keeping our world safe one byte at a time.

Passwords: The Keys to Your Digital Kingdom


Fortress Security is all about keeping you and your data safe. When your home is your castle, you don’t let the drawbridge down for just anyone, but it’s amazing how cavalier we are about securing our digital fortress. Passwords are what keep the barbarians from storming the gates – literally and figuratively. Your online security begins – and ends – with what you choose.

They are your first defense, and they can be one of your best defenses when used properly. How so? Typically, the most that we are asked for is something longer than 6 characters, sometimes with a number. If that’s easy for us to come up with, think of how easy that is for a hacker to break. It takes only 10 minutes to hack a typical 6-character password in lowercase, but if we were to extend that password by 3 characters, making it a total of 9 characters in length, and then made it a mix of numbers and letters, alternating the cases of the letters, we just made the job harder by 44530 years. So, the lesson here is: longer is better, numbers and cases are stronger. Easy.

Easy, except that the truth is most of us make passwords we can remember. After all, what good is it if we have to write them down someplace or keep forgetting them? So, we fall into the trap of using names we know, dates, addresses, favourite foods or places or even celebs. These are things our friends and families already know about us. Guess what? We’ve put all this same personally identifiable information up on the social media sites we frequent, as we chat about our lives, our jobs, our interests. Hackers know to go straight to these sites first and find their keys into our digital kingdoms. But now you know, too. Yahoo put together a list of passwords, 500 of them actually, that we shouldn’t be using (here is the link: https://www.yahoo.com/tech/here-are-500-passwords-you-probably-shouldnt-be-using-96467697789.html). Yes, password is one, and butterfly is another. Along with every common name I’ve ever heard. Lesson learned: no pain, no gain. Making it inconvenient for ourselves makes it hard for hackers. That 9-character nonsense password will be deterrent enough.

So once we’ve gone to the trouble of making that impenetrable password, it should be good enough to use on everything, right? Wrong. So very, very wrong. And yet, that is a mistake most of us make. And almost as bad is when we alternate or recycle passwords. Oh, the inconvenience. Yes, it is a royal pain to manage up to a dozen different passwords, never mind that we can’t remember them now. But that pales in comparison to cancelling all your credit cards, then carefully reviewing your bank and card statements from now on. There are ways to manage your passwords, including third-party software. While I can’t say what works best, what I can say is this: if you haven’t already been hacked, you are about to be. This is how you won’t become another data breach statistic on the nightly news.
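The three lessons above (length and character mix, no guessable words, no reuse) can be checked mechanically. The following is an added example, not part of the original post: the `COMMON` set is a small constructed stand-in for a common-password list like the one linked above, the accounts and passwords are constructed samples, and the 9-character minimum is taken from the post's own example.

```python
import math
import string
from collections import Counter

# Constructed stand-in for a published common-password list (assumption).
COMMON = {"password", "butterfly", "123456", "qwerty"}
CLASSES = (string.ascii_lowercase, string.ascii_uppercase,
           string.digits, string.punctuation)

def search_space_bits(pw):
    """log2 of the brute-force search space implied by the character classes used."""
    pool = sum(len(cs) for cs in CLASSES if any(c in cs for c in pw))
    return len(pw) * math.log2(pool) if pool else 0.0

def audit(accounts, personal_terms, min_len=9):
    """Return {account: [findings]} for a dict of account name -> password."""
    reuse = Counter(accounts.values())
    report = {}
    for name, pw in accounts.items():
        low, findings = pw.lower(), []
        if len(pw) < min_len:
            findings.append("too short")
        # Lesson 1: mix upper case, lower case and digits.
        if sum(any(c in cs for c in pw) for cs in CLASSES[:3]) < 3:
            findings.append("needs upper, lower and digits")
        # Lesson 2: no list words, no details friends or social media reveal.
        if low in COMMON:
            findings.append("on common-password list")
        if any(t.lower() in low for t in personal_terms):
            findings.append("contains personal detail")
        # Lesson 3: one password per account.
        if reuse[pw] > 1:
            findings.append("reused on another account")
        report[name] = findings
    return report

# Constructed sample data: a pet's name and a year stand in for personal details.
ACCOUNTS = {"bank": "butterfly", "email": "Rex2009dog",
            "shop": "Rex2009dog", "forum": "q7Tz4mWp2"}
PERSONAL = ["rex", "2009"]

if __name__ == "__main__":
    for account, findings in audit(ACCOUNTS, PERSONAL).items():
        bits = search_space_bits(ACCOUNTS[account])
        print(f"{account:6} {bits:5.1f} bits  {findings or 'ok'}")
```

Note that `Rex2009dog` scores well on search space alone and only fails on the personal-detail and reuse checks, which is why length and character mix are not sufficient by themselves.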

Welcome to Fortress Security

Your home is your castle. It’s filled with pictures and memories, set up just the way you like, more than just the money you paid for it. You buy insurance to cover the cost of replacing it lest anything should ever happen to it but the truth is – it’s irreplaceable. Nobody wants to go through the heartache or headache of massive loss or damage. But that’s exactly what happens when our computers crash or phones go missing. We put the equivalent of our entire lives on tech devices. We have become a mobile society.

Most people know about anti-virus software and backups. A percentage use these to safeguard their tech and their data. But the reality is that most people have no idea just how vulnerable they are and what their actual exposure to damage and loss is. Today, the real risk isn’t dropping a phone into a puddle or circuits frying. It’s something lurking in the shadows, waiting for you to swipe your credit card, visit a website, or open an email attachment. Cybercrime has become a significant player in the new global economy, and it’s here to stay.

If only hackers were those sharply savvy caricatures dressed in black we enjoy in movies. But there is nothing charming or funny about gangs of thugs whose sole motivation is to get rich by ruining the lives of others. And that is the true essence of cybercrime. Our personally identifiable information, or PII, is the new currency of the black market. Usercodes, passwords, driver’s licence numbers, home addresses – we are broken down to bits and pieces, sold to the highest bidder, who will then recreate a whole new identity at our cost.

As it stands, the black hats are keeping more than one step ahead. For those of us in information security, or InfoSec, it’s a frustrating game of catch-up. Which means damage control more than damage prevention. The stakes are high, the payoffs are huge, and the playing field is global. But knowledge is power in this fight. As malware evolves and data breaches make nightly news, for the average user that really will mean an ounce of prevention is worth a pound of cure.