Privacy

10 Most Common Passwords

Posted by Andy on September 08, 2009
Privacy, Security, Tech Tips / Comments Off on 10 Most Common Passwords

A note on Passwords.  If yours is on the list below, change it now.  Seriously, it’s just not secure. 

In doing some research on this topic, I came across a lot of scary stats.  There was a MySpace exploit not that long ago from which a lot of password data was generated.  Have a look at the write up here.  The gist of the report is that for the most part, people are getting better at using good passwords, but there are significant number of passwords that are easy to guess.  In addition, the article makes the very good point that passwords are just a bad way to secure things because crackers are getting better and better. 

None of this changes the reality that passwords have outlived their usefulness as a serious security device. Over the years, password crackers have been getting faster and faster. Current commercial products can test tens — even hundreds — of millions of passwords per second. At the same time, there’s a maximum complexity to the passwords average people are willing to memorize (.pdf). Those lines crossed years ago, and typical real-world passwords are now software-guessable. AccessData’s Password Recovery Toolkit would have been able to crack 23 percent of the MySpace passwords in 30 minutes, 55 percent in 8 hours.

So, back to the list of passwords – this list is from PC Magazine:

  • password
  • 123456
  • qwerty
  • abc123
  • letmein
  • monkey
  • myspace1
  • password1
  • link182
  • (your first name)

To expand on this list, here are some common password themes (source):

  • 123456, 123, 123123, 01234, 2468, 987654, etc
  • 123abc, abc123, 246abc
  • First Name
  • Favorite Band
  • Favorite Song
  • first letter of given name then surname
  • qwerty, asdf, and other keyboard rolls
  • Favorite cartoon or movie character
  • Favorite sport, or sports star
  • Country of origin
  • City of origin
  • All numbers
  • Some word in the dictionary
  • Combining 2 dictionary words
  • any of the above spelled backwards
  • aaa, eee, llll, 999999, and other repeat combinations

If you recognize you password or your password tendencies on the lists above, change them!  You should always use what are called “Strong” passwords.  Microsoft defines strong passwords as follows:

A strong password:

  • Is at least seven characters long.
  • Does not contain your user name, real name, or company name.
  • Does not contain a complete dictionary word.
  • Is significantly different from previous passwords. Passwords that increment (Password1, Password2, Password3 …) are not strong.
  • Contains characters from each of upper case letters, lower case letters, numerals and symbols (all keyboard characters not defined as letters or numerals)

The best passwords are random – generate it once, remember it forever and you are secure.  PC Tools has a great generator here.  It stinks to have to remember something that is not intuitive, but it’s way better than identity theft.

10 Facebook Privacy Settings you NEED to know.

Posted by Andy on September 02, 2009
Privacy, Security, Social Networking / 3 Comments

I will summarize here, but the full article by Nick O’Neill from www.allfacebook.com is a great read, and something I wish I had written.  Facebook is a great tool, but in a world where information and identity theft is rampant, you need to know how to protect yourself from, well, yourself.

1) Use Friends lists to group your friends into logical groups.  This allows you to grant different access rights to different groups of people.

2) Remove yourself from Facebook search results.  Like the author, my family is chock full of teachers.  For the most part, they don’t want their students to randomly find their personal information from a Facebook search, but still want to be on Facebook for family and friends.  The solution?  Remove yourself from Facebook search results.  You do this from the “search privacy settings” page.

3) Remove your Facebook self from Google search results.  As you know if you Google yourself (doesn’t everyone do this?) your Facebook profile will come up pretty quickly.  You can remove yourself from Google searches from the “search privacy settings” page – uncheck the “Create a Public Search Listing for me …” check box.

4) Control who sees your tagged photos – You can do this from your profile privacy page.  The cool thing is if you’ve set up your friends groups right, you can allow access to tagged photos by group.  That way the photo of you that you don’t want your boss to see won’t get you fired.

5) Control who sees your photo albums – as with tagged photos, not all pictures are for all eyes.  Check out the Photo Privacy Page.  From there you can control who sees what.  Very handy.

6) Control how your relationship status is displayed in news feeds.  Everyone likes to tout their relationship, but do you really want everyone (boss, business contacts) to know?  Uncheck the “Change relationship status” box on the News Feed and Wall section of your Privacy settings.  This will prevent people from seeing changed to your relationship status in their news feeds.

7) Be sure that applications don’t publish embarrassing news feed posts.  Many applications you sign up for post items to your news feed that are potentially embarrassing.  Be sure that you scan your profile every time you install an application, or better yet, avoid applications completely.

8) Control who sees your contact information.  If you use Facebook for business and for personal contacts, you can control who sees what contact information from you using your Friends Groups.  You can add multiple email address and phone contact items, then edit the custom privacy settings for each to control who sees them.

9) Avoid embarrassing wall posts.   Facebook lets you control not only who posts to your wall, but also who can see those posts.  In the Profile section you can change who posts to your wall by choosing “custom” from the “Wall Posts” drop down.  From there you can use your Friends groups to control who posts and who sees what.

10) Like your hands, keep your friends to yourself.  I love seeing who is friends with my friends, but some people don’t want to share, and in some cases, it’s probably not a good idea to share.  Once again, you can customize who can see your friends list using your friends groups.

There are endless ways to control your privacy on Facebook, but you need to take the time to sort through the settings.  Friends Grouping is a great place to start and ensures that you have separation of your business and personal contacts.  Get to know your privacy settings!!

Tags: ,