It’s hard to say the number of times that I’ve told my clients to choose strong passwords. No matter how many times I do, choosing good passwords is still hard work because they’re so hard to remember. Well, as a reminder to them, I wanted to point out a great article I read about how to hack passwords.
Don’t go telling folks how to hack passwords
I’m sure someone will comment or send me a note that it’s not wise of me to call attention to the methods of hacking passwords. Unfortunately it’s a bit like gun control. The bad guys are going to find the guns they want and the good folks won’t use them for the wrong reasons anyway. It also reminds me of another old joke about the security practices of some companies: “Security by Obscurity”. Simply avoiding the topic and not drawing attention to things that should be secure usually doesn’t get you very far.
The good news is that most of you don’t have a thing to worry about. Why? Because you’re not a high-value target. As long as you never do anything to upset anyone, draw attention to yourself, or download crap (like free music, software, etc.) from the internet, you probably don’t have to worry too much about it. The guys that spend their time hacking passwords either have a gripe with someone or want to steal money and information.
Just to be safe
Either way, why not make sure that you’re covered and use a password manager? What’s that, you ask? A password manager is a small bit of software that generates strong passwords and keeps track of all of your passwords. The one I use is free and open source: KeePass. To log in to a website, there are shortcut keys that actually type in your details, so you don’t have to remember a thing. It also runs from a USB drive, or you can sync your password file using a service like dropbox.com. If you’re on a Mac then you can use this version: http://www.keepassx.org/.
Sure, it’s a little more work than typing in your favorite food, but you’ll wish you had if you ever get hacked.







Nice… I am forwarding this on to Missy and Shelley!
So how about the guys who just sit there hacking into KeePass?
Mishella,
I’m sure there are guys that spend their days hacking into KeePass and any other software that’s meant to be secure. But one universal truth about hackers (and most other crooks (and most humans)) is that they are lazy. That’s a big bonus when it comes to security. If you can make your site marginally harder to crack than the average Joe then they are more likely to give up. It’s like anything else in life. If there are two cars and a thief wants one, he’ll start with the one that’s unlocked…
For Mac users, 1Password is a great option. I’ve been using it now for a couple months and will never go back.
There’s something satisfying to know that every one of my passwords is a 20+ character string of randomness that I could barely type in manually, let alone remember.