As an application developer, I work with sensitive and secure information all the time that require us to use master passwords to access the information. At the point that I need to know the password when working with a client I’ll sometimes ask jokingly “What’s the name of your dog?” “Why?” they’ll ask back. “…because I need to know your password.” Often it is the name of their dog, cat, or child. Why? Because it’s easy to remember. The problem is that it is not secure. The fact is that most people have a very difficult time remembering lots of potentially random information like passwords.
You are at risk to losing money in your bank account, getting charged for things you didn’t purchase, or at minimum spending a lot of valuable time restoring your accounts and identity back to normal. Here are a few simple things you can do to protect yourself categorized by the type of protection provided.
1. Consider everything you post on the internet as public information. This includes e-mails, Facebook photos, etc. If you don’t want anyone knowing about it, then you’re better off not doing it on the internet. If you post your maiden name, your birth date, place of birth, etc., on Facebook or other social media sites then they are not good security questions to use for secret for your bank account or credit card.
2. Be careful about announcing your whereabouts on Twitter or Facebook. For example, bragging about your vacation in Florida could be a tip off that no one is home and make burglary more likely.
3. Get a Macintosh. You can spend less time worrying about viruses and things that just complicate your life.
4. Use OpenDNS. This will protect you from phishing attempts and it does so unobtrusively and reliably for free.
First…laugh about passwords with this comedic routine from Don Friesen…
5. Choose strong passwords that are not easy to guess. Do not use the name of your pet or kid. Choose passwords that are at least 8 characters long and contain somewhat random numbers, letters, and special symbols. This prevents people or applications designed to crack your password from guessing it.
6. Choose different passwords for each site you access and especially banking or credit card sites.
7. Password protect your computer, iPhone, and iPad. If someone finds your mobile phone and gets access to your email account, they can get access to your bank account, credit card information, etc. by simply going to a web site and requesting a password change which will come to them via email shortly.
8. Minimize the amount of passwords you save for auto entry on your computer in your internet browser, etc.
9. Do NOT email password information or store passwords in word processing or text documents on your computer.
10. CHANGE passwords every 6 months to 1 year.
11. Be careful when using public Wi-Fi networks to access bank information. Starbuck’s, Caribou, Dunn Brothers, and Panera are not the safest places to do your banking.
12. Make sure your home Wi-Fi network is password protected. This is set up on your router and instructions differ for each kind of device like Lynksys, Netgear, or the Apple Time Capsule.
I know you’re saying “I can’t remember all that information! What can I do?” Don’t write passwords on post it notes and stick onto your monitor. Use an application that has one secure master password you can remember to store your other passwords in an encrypted format. You have a couple of options to do this:
- 1Password – This application is designed specifically to solve the password problem for you. It has mobile applications and web browser plug-ins to make it easy to manage your passwords effectively while keeping them secure under one master password that you can memorize
- fmIgnite – Our flagship business management software, has a suite of features to assist you with storing private information securely and tracking password information. In the Contacts module, the “Private” tab has places for you to store multiple account login names and passwords for
a particular web site or application, password restoration questions and answers, social security numbers, credit card numbers, medical records, and other sensitive information. In addition, fmIgnite will generate strong random passwords for you and tell you the relative strength of any passwords you enter. You can easily copy and paste the passwords to the appropriates sites to log into them. Passwords stored in fmIgnite are protected by your master fmIgnite password and the fact that the database itself is not physically accessible when hosted on the internet.
Here are some additional helpful fraud and identity theft information sources:
- Identity Theft Resource Center http://www.idtheftcenter.org/
- Privacy Rights Clearinghouse https://www.privacyrights.org/data-breaches
- Social Security Administration http://www.ssa.gov/
- US Department of Justice – Identity Theft and Fraud http://www.justice.gov/criminal/fraud/websites/idtheft.html
- US Postal Inspection Service https://postalinspectors.uspis.gov/
Report Identity Theft to one of these companies:
- Equifax: 1-800-525-6285; P.O. Box 740241, Atlanta, GA 30374-0241 http://www.equifax.com
- Experian: 1-888-EXPERIAN (397-3742); P.O. Box 9532, Allen, TX 75013 http://www.experian.com
- TransUnion: 1-800-680-7289; Fraud Victim Assistance Division, P.O. Box 6790, Fullerton, CA 92834-6790 http://www.transunion.com