Passwords – Security Tips from Experts

In the previous post, we covered the basics of a “SLICK password” and “passphrases” as an alternative to the usual suspects. If you missed that post, take a minute and review it now. CLICK HERE

For those who are SUPER security conscious and want to create the ultimate in protection, we’re really going to bump things up a notch! The random-word passphrases are going to get a make-over using the “SLICK” formula we talked about earlier and we will see what some experts consider to be virtually hack-proof.

I need to add the disclaimer: NO password is 100% safe – in part, because the speed with which computers can break them is always increasing. Your aim is to make your device, account or data much harder to access than the next guy’s! Sometimes these hacking systems will time out after a certain number of tries – think BILLIONS. Let’s make sure the criminals lose interest in busting your code!

 

Master Level
Make Your Passphrase SUPER SLICK

SUPER SLICK PASSPHRASE – Let’s see if we can get one of the “random-word passphrase” examples from the previous blog post to pass the SUPER SLICK test!

In the example below, we’ll take a passphrase and change some things around in order to add strength and make it extra tough to crack.

Original Passphrase – 35 characters
green eggs clam bake haribo gummy

Notice that while these are relatively random words, this passphrase includes multiple word-pairs; words that are generally known to go together:
green/eggs  –  think Green Eggs and Ham by Dr Seuss
clam/bake – a tasty seafood meal at the beach
haribo/gummy – the quintessential gummy bear brand

So how can we take this SLICK Passphrase and make it SUPER SLICK? Let’s eliminate those word pairings and make the overall passphrase LONGER!

SUPER SLICK Passphrase – 45 characters
widget eggs clam ballpoint haribo magnify sum

Leave in ALL the spaces between the words and you are set!
SUPER Strong – Long – Individual – Complex – Kooky … CHECK!

 

Totally Random Passphrase

Computers are wicked-smart! What we see as a random string of words actually has a pattern to it! Human beings are pattern seekers and pattern builders. We crave it! We instinctively favor things that follow patterns and make sense to us. And we’re not even aware that we do it!

For those looking to take this business of passwords to the edge, try using Diceware. With Diceware and its related word list you can generate passphrases designed to REALLY stump sophisticated hackers. If you need to sit down and create a whole bunch of passwords at once, it may take some time; however, it is a pretty ingenious system and easy to understand.

 

Basics of Diceware and Why it Works

The strength of a password, passphrase, or encryption key is measured in “bits of entropy.” Entropy is defined as randomness: a lack of order or predictability. It is an essential component of a masterful passphrase. By using some six-sided dice, you generate actual entropy or randomness. Each roll of the dice helps you build your passphrase via Diceware word lists. You build a series of random numbers and then convert those numbers into random words pulled from Diceware’s ever-changing lists.

If you are ready to roll up your sleeves and dig in, this article is well-written and explains things nicely and there are additional word lists available if you need them.

Read more about Diceware – Click Here 

New Diceware Word Lists – Have a Look Here

Using Diceware, you could wind up with something like:
high fang canoe glower toucan bobbin that ebb tear

This may look similar to the passphrases we discussed earlier; however, THIS one has been generated with entropy in mind. As a result, it is far more random than ANYTHING you or I might conjure in our heads. Just another way to make your passphrases “Super SLICK!”
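The dice-to-word lookup described above, written out as an added example (not code from this post or from the Diceware project). It assumes the usual layout of one five-digit dice key followed by one word per line, and it uses a constructed placeholder list in place of a real word list; the function names are illustrative.

```python
import itertools
import math
import secrets

DICE_PER_WORD = 5  # five six-sided dice select one of 6**5 = 7776 words


def parse_wordlist(text):
    """Parse 'DDDDD<whitespace>word' lines into a {key: word} dict."""
    table = {}
    for line in text.splitlines():
        parts = line.split()
        if len(parts) == 2 and len(parts[0]) == DICE_PER_WORD and set(parts[0]) <= set("123456"):
            table[parts[0]] = parts[1]
    if len(table) != 6 ** DICE_PER_WORD:
        raise ValueError("word list must cover every possible roll")
    return table


def roll_key():
    """Simulate five dice with the OS CSPRNG (physical dice work equally well)."""
    return "".join(str(secrets.randbelow(6) + 1) for _ in range(DICE_PER_WORD))


def passphrase_from_rolls(table, rolls):
    """Map recorded rolls such as ['16665', '23142'] to a passphrase."""
    return " ".join(table[r] for r in rolls)


def generate(table, n_words=6):
    """Build a passphrase from n_words independent simulated rolls."""
    return passphrase_from_rolls(table, [roll_key() for _ in range(n_words)])


def entropy_bits(n_words, list_size=6 ** DICE_PER_WORD):
    """Entropy comes from the dice, not the words: n * log2(list size)."""
    return n_words * math.log2(list_size)


# Constructed placeholder list ("w11111" ... "w66666"); substitute the text of
# a real Diceware word list, which uses the same key/word layout.
SAMPLE_LIST = "\n".join(
    "".join(k) + "\tw" + "".join(k) for k in itertools.product("123456", repeat=DICE_PER_WORD)
)

if __name__ == "__main__":
    table = parse_wordlist(SAMPLE_LIST)
    print(generate(table, 9))
    print(round(entropy_bits(9), 1), "bits for nine words")
```

Each word contributes about 12.9 bits, so a nine-word passphrase carries roughly 116 bits, provided every word really came from a roll and none was swapped for one you liked better.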

 

The Future of Passwords

Will they stay or will they go? Passwords are likely here to stay, at least in the short term. As we transition to the more distant future of data protection, say between now and 2022, you can expect an increased use of the following:

Biometric sensors that include the use of facial recognition, iris scans, and voice and fingerprint recognition.

Device authentication that uses features of the CPU to allow a laptop or phone to “prove” its identity while you, the device owner, prove yours via some approved biometric sensor like a fingerprint.

Behavioral biometrics such as mouse dynamics, screen interaction/swipes and keystrokes.

Two-factor / two-step / multi-factor / multi-layer authentication where users are asked to verify a new device being used to access an account. A code is sent, in real time, to another previously verified device or email account, where it is retrieved and then entered into the new device to complete the verification process.

 

A Quick Look at Password Managers

Given the number of online accounts we all have these days, companies specializing in Password Management are on the rise. We may circle back on this topic in depth in a future post. In the meantime, we found a great article on the Consumer Affairs website that you can explore on your own. You can compare brands, see features, learn about different types, find out who is using these tools and why, and you can read user reviews. It is very comprehensive.

 

Answers to Questions About Estate Planning

If you have questions about wills, trusts, estate planning or financial or medical power of attorney, if you want to protect an aging relative from losing their hard-earned money to fraud, or if you feel overwhelmed because a loved one has passed away without benefit of a will or trust, the best place to start is with a call to my Los Gatos office at 408-364-1234. Call to request an appointment.

You are welcome to Print this Free 30 Minute Legal Consultation Certificate 

Let’s get some of those questions answered!

 

Diane M. Brown, Esq.
Working every day to keep my clients out of court!
It’s your money… Let’s keep it that way!
Call 408-364-1234

 

 

This blog contains general information and is not meant to apply to a specific situation. Please seek advice of counsel before proceeding as each case is unique.

 
