Lock Up Your Family’s Online Assets
Automatic locks on the family car. Check.
Safety deposit box for valuable papers. Check.
Padlocks for bicycles. Check.
Secure passwords for online assets. Uh-oh.
Now that families conduct so much of their social and financial business online, strong passwords are every bit as important as sturdy locks on the doors of your home. Unfortunately, parents who are very conscientious about other forms of family security often do the virtual equivalent of leaving the key under the doormat.
The recent security scare called Heartbleed should have been a wake-up call. If you haven’t already changed passwords for your online accounts, now is the time. And while you’re at it, teach your kids to create smart passwords, too. (A curriculum for doing that is available from Common Sense Media at commonsensemedia.org/educators/lesson/strong-passwords-3-5).
The simplest way to manage passwords is to store them all in a vault-like piece of software that will generate, encrypt and remember highly secure passwords on your behalf. Free and reliable programs are available from LastPass, KeePass and Norton Identity Safe. Just be sure the program you choose allows easy access on all devices you use.
Unfortunately, setting up password software requires time that busy parents may not have. Also, the password that gets you into the software becomes the equivalent of the one ring that binds them all, so if you forget it you are doomed.
Those who decide to forgo software need to get serious about creating tough passwords. The first rule is to avoid weaknesses that create openings for trolls, bullies, hackers and identity thieves. Here are three things to keep in mind:
1. Don’t use personal information. Professional hackers know that it’s easier to remember details from your own life, so if you become a target the first passwords they’ll try are names of people and places that are meaningful to you. Google yourself. Anything that comes up won’t be a good password. Next, review your social media profiles. Don’t use anything that has ever been listed as a favorite.
2. Avoid recognizable words. Many programs have been designed to crack passwords and most start with a dictionary of words in English and other languages. Using any recognizable word, including proper nouns, makes you more vulnerable. Adding an unexpected capital letter, a random number or an exclamation point makes the password a bit stronger but not much.
3. Don’t be cute — or lazy. Despite years of warnings, people still use “default” passwords like “guest” and “password” as well as sequences of keys on the keyboard such as “890-= “or “qwert.” Hackers are also acquainted with obvious substitutions like “&” for “E” or “@” for “A.” And it’s not especially clever to use well-known number sequences like Pi or the Fibonnaci series.
Eventually everyone forgets a password, so be sure your recovery systems are up-to-date. Many websites send a prompt or reset option to an email address. If you change your email address, update the sites that require passwords. Providing a cellphone number also adds a layer of security, especially if you have a cellphone that can be locked if it’s lost.
Once you’ve found what seems like a great password, don’t be tempted to use it often and keep it forever. Experts recommend using different passwords, especially for sites involving financial information. And put a “Change passwords” reminder on your calendar so you do it at least as often as you change the oil in the car.
Many security experts argue that passwords are obsolete. Perhaps, by the time your kids are adults, they may be able to protect their online assets with a fingerprint or DNA scan. In the meantime, however, mastering the art of creating strong passwords is just one more way you can have the peace of mind that comes from knowing you’ve protected all that is precious to your family.
Carolyn Jabs raised three computer savvy kids, including one with special needs.