How To Prevent A Thief From Stealing Your Online Passwords
October 05, 2017

How To Prevent A Thief From Stealing Your Online Passwords

One of my friends recently met a guy through an online dating site. I’ll call her Karen. She liked the guy a lot and a steamy romance bloomed. How do I know? Most of her friends saw evidence on Facebook.

Karen had used Facebook to send the guy some erotic, private messages. But somebody hacked into her Facebook account. That person sent Karen’s X-rated words of seduction to all of her Facebook contacts. As she says, “My nieces are never going to look at their Auntie Karen the same way again.”

Such online hacking is common. In 2016, The New York Times reported that more than 1 billion Yahoo accounts were hacked between 2013 and 2014. The Telegraph reported that thieves stole 68 million Dropbox passwords in 2012. The BBC says at least 38 million Adobe accounts were breached in 2013.

Nothing online is 100 percent secure. But there is an easy way to increase online security. Create passwords that are tough to crack, easy to remember, and easy to alter.

Instead, too many people use simple passwords. Others trust online service providers to store passwords for them. Unfortunately, these could be hacked as well. Some people store passwords on paper. But that’s one of the first places a thief might look. Storing them on a laptop isn’t foolproof either. It might be safer than keeping passwords in the cloud, but if your computer gets stolen, it could spell trouble.

Security magazinereported a joint study by Lancaster University, Fujian Normal University and Peking University. They looked at the most common passwords, based on a leaked Yahoo database of personal information. Thieves hacked one third of the Yahoo passwords with fewer than 100 attempts.

The most common password was “123456.” The second most common password was, wait for it…. “password.” The third most popular was “welcome” and the fourth was “ninja.”

Daniel J. Levitan is a professor of Psychology and Behavioral Neuroscience at McGill University. In his book, The Organized Mind: Thinking Straight in the Age of Information Overload, he suggests something better. “Don’t even think about using your dog’s name,” he says, “or your birthday as a password, or, for that matter, any word that can be found in a dictionary.”

Instead, he says we can easily remember complex passwords in our heads, and if we need to, we can change them every month.

He recommends thinking of a sentence that’s easy to remember, and then using the first letters of that sentence for the password. If you’re easily amused (as I am) use a ridiculous event from your past–one that you’re never going to forget. Here’s an example:

My best friend Joe farted in a jar.”

This could be turned into the password: “M b f J f i a j”

The above example uses both upper and lower case letters. If the password requires a special symbol, you could include one. In this case, I could emphasize that Joe farted in the jar by putting an exclamation point after the initial letter of his name.

M b f J ! f i a j

For added security, I could add a number in the middle. Joe was 15 when he farted in that jar, so I could use the following:

M b f J ! 15 f i a j

This could be the standard formula for every password I use. For example, if I were to use it for a Schwab brokerage account, I could simply add “Sc” to the beginning:

S c M b f J ! 15 f i a j

If it were a Gmail account, I could use this password:

G m M b f J ! 15 f i a j

If the password needed to be changed once a month, I could add the month to the end. Here’s how it would look for October.

M b f J ! 15 f i a j o c t

In The Organized Mind, Dr. Levitan says we could write variations down on a piece of paper. Even if a thief found them, they wouldn’t make sense. Here are some examples he provided in his book:

Aetna health insurance std formula w/o special char or number
Citibank checking std formula
Citibank Visa card std formula w/o number
Liberty Mutual home insurance std formula w/o spec char
Municipal water bill std formula
Electric utility first six digits of std formula
Sears credit card std formula + month

Perhaps, if Karen had used such a strategy for her Facebook account, her young nieces would have been spared a graphic visual. Then again, it might help them in the end. They could use Karen’s story to create an unforgettable password.

Related Articles

This article contains the opinions of the author but not necessarily the opinions of AssetBuilder Inc. The opinion of the author is subject to change without notice. All materials presented are compiled from sources believed to be reliable and current, but accuracy cannot be guaranteed. This article is distributed for educational purposes, and it is not to be construed as an offer, solicitation, recommendation, or endorsement of any particular security, product, or service.

Performance data shown represents past performance. Past performance is no guarantee of future results and current performance may be higher or lower than the performance shown.

AssetBuilder Inc. is an investment advisor registered with the Securities and Exchange Commission. Consider the investment objectives, risks, and expenses carefully before investing.