You need a password system!

John Avis by | October 10, 2018 | General

For your security it is critical that you use strong passwords that are unique for each website.


For your security it is critical that you use strong passwords that are unique for each website.

If you are using the same password for every website then it can be quite easy for someone to get access to your accounts. Take a look at how simple this can be:

1. Malicious person or organisation sets up an attractive or useful website. This could be something like a competition, or a website offering something for free like ebooks or software.

2. To use this malicious website you must enter your email address and choose a password. You want the freebie so enter your email address and your usual password.

3. They now have access to your account on any websites that only require just an email address and password. They can attempt to login to popular websites such as PayPal, eBay, Facebook, Instagram, etc using your email address and the same password.

4. From your email address they may be able to determine your email provider, eg. Hotmail or Gmail, and gain access to your email account. Once they have access to your email account they can look through your emails and identify other websites you use, such as banking and PayPal. If your usual password doesn't work on these or other websites they can request a password reset via email and then get access to those accounts too.

Any websites where two factor authentication is enabled will be safe, so this is a useful safety feature you should always choose to use.

So, how can you have a password that is easy to remember but safe and unique?

The answer is to have your own system of generating passwords.

Almost all websites have a rule for the minimum length a password must be, and many have rules for including upper case characters, numbers and non-alphanumeric characters.

So you can use the same system for all websites, your password system should include at least one capital letter, at least one number, and at least one non-alphanumeric character.

So the password is unique, you also need to include something to secretly identify the website. Why secretly? Well if your unique passwords are just something like "johnebay", "johnpaypal", "johnhotmail", etc then the hacker may be able to easily guess the password for each site.

Here's a simple example of a password system you could use. This one is for eBay:

bJohn18y!

b is the second letter of ebay.com
John is a word to use for every website with one capital letter
18 is a number to use for every website
y is the last letter in ebay.com (before the .com)
! is a symbol

aJohn18l! would be the password for PayPal using the same system.

To a hacker the "b" and "y" are not obviously identifying that the password is for ebay.com, although you may want to obscure the password even further.

For example, "John" might be easy to remember but a made up word might be safer. Capitilising the "J" also draws attention to it being separate from the rest of the password.

How about we use "alPha" as our system's word, place the second letter of the website name in a different position instead?

Our eBay password would be "ablPha18y!" and our PayPal password would be "aplPha18l!". They look more obscure.

When coming up with your own system consider other options like capitilising one of the letters of the website name, swapping the last letter and second letter positions, and so on.

Hopefully using these techniques you will come up with a system that is easy to remember yet safe.

Related Posts

General

Limiting the maximum volume in Microsoft Windows 7 and 10

by John Avis | December 11, 2018

Do you want to limit the audio volume on a computer running on Windows 7 or 10?


General

What happened to Trading Post Australia?

by John Avis | February 14, 2018

While looking for a new car to buy – without much success – I looked further afield than the usual carsales.com.au and gumtree.com.au and found myself at tradingpost.com.au. Oh how they have gone down hill...


General

The command line interface is back

by John Avis | April 28, 2017

Back in the 1980s and early 1990s I considered myself a bit of an expert at the MS-DOS command line interface and knew all the commands and all of the options for each command.

Comments

There are no comments yet. Be the first to leave a comment!

Leave a Comment
Tags
ASP.NET Html Forms ASP.NET MVC ASP.NET Web Forms ASP.NET Web Pages Bootstrap C# Classic ASP Cool Websites Databases eBay and PayPal Electrical Repairs General Hardware HTML/CSS Jquery/Javascript Media Center Mobile Phones Responsive Web Design SEO and Social Networking Web Design Web Development Web Security web+db Website Hosting Windows XP Youtube

About me

...mostly about web development and programming, with a little bit of anything else related to the Internet, computers and technology.

Subscribe

Get the latest posts delivered to your inbox.