Passwords continue to be one of the most irritating things in life and one of the biggest obstacles to doing many things online. For your own protection, your bank may insist on you using a password of a dozen or more characters, upper case, lower case, numbers, and special characters. Annoying as that may be, a secure password can be the only thing that stands between you and an empty bank account. Financial institutions know that cybercriminals are working constantly to guess your password so they can steal your funds.
Some of these crooks have harnessed the power of artificial intelligence (AI) to create programs that are able to often guess your passwords. With names like “John the Ripper,” “PassGAN,” and “hashCat,” these programs—(mis)used by the criminal element—employ several advanced AI techniques to speed up the process.
There is one thing everyone can do to help thwart the bad guys and it is easy enough to do. Just do the opposite of what the crooks and their AI programs expect of you. Cyber criminals know that most people use easily-remembered, and therefore easily-guessed, passwords. For most people this means the name of their pet, plus a date, plus a special character when required. That results in a password such as “Fido1942#.” So, using “Fido1942#” as an example, please let me explain what I mean by doing the opposite of what the crooks expect.
Almost everyone habitually uses the proper case when writing names, though some, like e e cummings, eschew capitalizing names. The cyber crooks fully expect that you will follow the rules and write “Fido” or “fido.” so what I recommend is to toggle your Caps Lock key to write the name as “fIDO,” simply because cybercrooks are a little less likely to try that.
Next, cybercrooks know that most people, when required to use a number in a password, will use the year of their birth. That makes it easier for the cybercrooks to try to guess your number because they know it is probably one of the years in the last half of the 20th century. Something you can do to make it a little harder to guess your birth year is to choose a different century; if you were born in 1942, use 1842 or 2042.
Finally, the password requirements for many websites instruct you to include “upper case, lower case, numbers, and a special character,” and that is exactly what “Fido1942#” is and in that exact order. So do not put the elements in that order. Rather than “Fido1942#,” simply rearrange the order of the elements to “1942#fIDO,” one simple change makes it more secure.
Using any password that is easy for you to remember is always a bad idea. Nevertheless, I know many will continue to do so. The suggestions I have made here can make your favorite password more secure and can do so without making it a lot harder to remember.
Charles Miller is a freelance computer consultant, a frequent visitor to San Miguel since 1981 and now practically a full-time resident. He may be contacted at 415 101 8528 or email FAQ8@SMAguru.com.