Search This Blog

Follow me on Twitter

October 12, 2011

Password Protection Revisited

A few months back I did a post on password protection.   As a follow up there are additional items to consider regarding password protection.  My previous post mentioned that a secure password should have a minimum of 8 characters.  The thinking regarding this minimum number is changing to where a minimum of 12 and up to 14 characters should be used for a secure password.  Microsoft has a website where you can check your password strength as shown.  They recommend a minimum of 14 characters.

An important thing to consider is when you set up a user name and password on a site, you may have to answer at least 1 security question.  This is in the event you forget your password, the site will ask you a question that you need to answer correctly in order to regain access to your account.  Perhaps the most common is asking for your mother's maiden name.  As I am noting in the next paragraph, be careful of how you answer these questions.  You do not have to give a correct answer but remember the answer you give.

A while back I wrote on how your future employer gets to know you before they meet you.  In it I mentioned why you need to be careful about what you post online.  Here is another reason.  What you post can directly and indirectly be used to obtain information that can answer those security questions and not necessarily posted by you.  For example the question of your mother's maiden name.  If your mother is a Facebook friend of yours and uses her maiden name as part of her name, there is the answer to the question of your mother's maiden name.  For the question of your mother's maiden name, you may want to use something else like a neighbor's last name, a friend's maiden name, etc.   Discover Card asks the question "What city were you married in?"  If you have been married more than once, you can use the city of your first marriage.  I think you get what I am saying here.  During the 2008 presidential election, Sarah Palin's personal email account was hacked because a lot of her personal information was out there and the hacker knew the information needed to answer her security question.

In closing, be careful again of what you post online.  This information can be used to access online accounts that you would not want others to access.