How to create a secure password

Posted: Updated:

PHOENIX – Computer-safety experts say the recent hack attacks on Arizona’s Department Public Safety, particularly the recent one involving officers’ personal information, should serve as a warning to everyone who uses the Internet.

Ken Colburn of Data Doctors says your first line of defense is your password. There are computer programs designed specifically to guess passwords. Those programs can crack a basic six-character lowercase password in just 10 minutes. Throw in an uppercase letter or two and the crack time goes up to 10 hours. If one of the remaining characters is a number or a symbol, it will take a program 18 day to guess it.

The longer your password is, the more complex it is. That means is harder for programs to figure it out.

A nine-character password containing both lowercase and uppercase letters, numbers and symbol is much more difficult to crack. It would take a program more than 44,530 years to do it. Yes, that is a comma – not a decimal point.

While there are other ways accounts can be hacked, Colburn said people often make huge mistakes with their passwords that make them vulnerable.

“Password,” for example is a horrible password. Changing the A to a 4 and the o to a 0 increases the security. The next step is to add some special characters so that “Password” becomes “Pass_w0rd!”.

“What you’re trying to do is thwart these known guessing pattern these guys have,” Colburn explained.

Of course, you should never use "Password" or any iteration as your actual password.

Colburn also advises using different passwords for each of your accounts.

“Don’t use the same password on every account, because as soon as they get one, they’ve got everything,” he said emphatically. If you’re concerned about remembering them all, there are “vault” programs designed to hold all of your passwords. With those programs, you only have to remember a single password.

With recent publicity surrounding the recent hack attacks, copycat hackers and “hacktivists” could be encouraged to try their hands at breaking into unsecured services just to see if they can.

Business owners need to take a close look at how employees access their systems, particularly email, because once one person could expose the entire company to risk.

Another common vulnerability is Wi-Fi. Not only do you want to be sure to secure your own network, you want to check for security when using public networks. Look for “https” in the URL as opposed to “http.”

“It’s time to pay attention, folks!” Colburn said.

Data Doctors has set up a free hotline for small-business owners who have questions about securing their e-mail. That number is 1-866-567-8328.