Sunday 6 September 2015

The Biggest Mistake People Make Online

The threat from criminals online continues to grow. It’s not just “hackers” but actual criminal activity, backed by organized crime, and perhaps even some governments. They want your passwords, especially for bank and other financial accounts, so they can drain them for you, and they use some pretty tricky and often sophisticated means to get them, either from you, or from sites they break into.

Thus it’s imperative that you have good passwords. What makes a password good? Long and complex, and unique. Long and complex makes it harder to crack; unique means that if a password is compromised, it can’t be used to get into other accounts too. (How many of you have the same login and password at more than one financial site?! Or, much worse, have the same login/password at financial sites and other sites that might be less protective of your information? Yikes, is that a financial disaster waiting to happen!)
How long? Eight characters is nowhere near enough. Security experts now recommend a bare minimum of 12 characters ...but 16 is better. I have my LastPass password generator set to 20 ...and then often add more to what it comes up with, especially if it's for an important site, like my bank.
How complex? Not just upper and lower case, and a digit or two. The more other characters allowed the better, such as ! @ # $ % ^ & * ( ) | \ / = / ~ } . Yes, really.
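
To put numbers on "long and complex", here is an added example (not part of the original post) that compares the lengths mentioned above and generates a 20-character password. The function names are illustrative, the symbol set is the one listed above, and the entropy figures assume every character is picked uniformly at random, as a password generator does.

```python
import math
import secrets
import string

# Symbol set taken from the list in the post (duplicates removed).
SYMBOLS = "!@#$%^&*()|\\/=~}"
CLASSES = [string.ascii_lowercase, string.ascii_uppercase, string.digits, SYMBOLS]
ALPHABET = "".join(CLASSES)


def entropy_bits(length, alphabet_size):
    """Bits of entropy for a password drawn uniformly at random."""
    return length * math.log2(alphabet_size)


def generate_password(length=20):
    """Random password from the OS CSPRNG containing every character class."""
    if length < len(CLASSES):
        raise ValueError("length too short to include every character class")
    while True:
        # Rejection sampling keeps the result uniform over all valid passwords.
        candidate = "".join(secrets.choice(ALPHABET) for _ in range(length))
        if all(any(ch in cls for ch in candidate) for cls in CLASSES):
            return candidate


def compare_lengths(lengths=(8, 12, 16, 20)):
    """Entropy per length: letters and digits only (62) vs. the full alphabet."""
    return {
        n: (round(entropy_bits(n, 62), 1), round(entropy_bits(n, len(ALPHABET)), 1))
        for n in lengths
    }


if __name__ == "__main__":
    for n, (alnum, full) in compare_lengths().items():
        print(f"{n:2d} chars: {alnum:6.1f} bits alphanumeric, {full:6.1f} bits with symbols")
    print("sample (constructed, do not reuse):", generate_password())
```

Each extra bit doubles the number of guesses an attacker needs, so going from 8 to 20 characters adds far more strength than adding symbols to a short password.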

Secure your passwords

The problem is, such passwords are very hard to remember, and type. But software comes to the rescue: there is software that “remembers” all of your passwords so you don’t have to, and enters them when necessary — after checking to ensure that you’re really at your bank’s site, not one that just looks like your bank’s site with a quick glance. Then, you only have to remember one password: the one to unlock the software that holds your passwords for you. The good news is, such programs are pretty easy to use: 80-year-olds who can use banking sites can certainly use this software easily; no mad tech skillz required.
Is that safe? Yes: your passwords are encrypted on your hard drive using the password you choose. If done right, they’re also backed up elsewhere, such as the software company’s servers. Even there, they’re well secured. If you want more assurance than that, consider that Wired magazine notes that 73 percent of computer security professionals use password vault software, while only 24 percent of “non-experts” do. Frankly, I’m surprised it’s that high. I use LastPass, which is free for most uses (thus: no excuses!). If you want to have secure access to your passwords on your smartphone too, they ask for a mere $12/year for that. But again, on your computer, it’s completely free. A small price to pay for a wall around your bank accounts to protect you from organized crime.
Needless to say, I have no association with LastPass, and am not making anything by recommending them. I’m simply a satisfied user (and yes, I pay the $12/year!).
Do not be frightened by the “but LastPass has been hacked!” scare tactic. They discovered hackers trying to get passwords in their systems, and not only announced it, but went on to say what they were doing about it. There have been no reports of any passwords being compromised. Not one. Even those worried about the theoretical danger could thwart the risk by simply changing their LastPass password, which re-encrypts all of their passwords. Whoopie.
The bottom line is, good passwords are important, and password vault software makes them practical.

Does This Risk Scare You?

Well, it should. The risk is real. Hoping for the best won't work: that's what the criminals want. The best defense is knowledge, and now you know an important component: how easy it is to have good passwords. Not doing it is the biggest mistake people make online.