Live video and blog: Winter storm impact
Snow emergencies
Weekend closings
Winter Storm impact: Northeast Ohio communities issue parking bans

Call For Action: Are Your Passwords Secure Enough?

This is an archived article and the information in the article may be outdated. Please look at the time stamp on the story to see when it was last updated.

Do your online passwords set you up for identity theft? Don’t say no until you hear what one internet security expert had to say.

If you’re like most people, you have social media accounts and you probably share, what seems like, harmless information.

Topping the list of commonly-shared personal facts is the name of a loved one, and that includes the family dog.

"I try to think of something fairly simplistic," said Brecksville artist and medical illustrator, Kelli Payto, confirming what research has indicated.

Payto also acknowledged using the same password on multiple accounts, which is something else she has in common with the rest of the online world.

"It's used for a few different accounts, just for ease..."

According to Jake Garlie, from SecureState in Bedford, keeping it simple is what puts the public at risk for identity theft.

One of Garlie’s specialties is uncovering vulnerabilities in client websites before the bad guys do, which makes him uniquely qualified to give advice.

"Come up with something that doesn't relate to you at all. It doesn't have any meaning whatsoever; it doesn't really have to be something that's a part of you," he said.

In fact, Garlie recommended forgetting about passwords altogether. He told FOX 8 Call for Action Reporter Lorrie Taylor that people should be using pass-phrases instead.

"People are using some dictionary words with some digits at the end and ultimately those are very, very easy to crack,” he said. “It’s something that's very predictable, capitalizing the first letter of the word and putting digits at the end is the most common thing that we see."

passwords

Garlie had advice for web surfers who log in to multiple websites using one password.

He recommended devising a different pass-phrase for each online account and then writing them down or entering them into an online password manager, making it easier to keep track of several pass-phrases.

Garlie said if one account is hacked, the rest will still be safe. Kelli Payto said she intends to take Garlie’s advice, as long as she can keep it simple.

"I should give it a shot, yea, I absolutely should because I'm guilty of using the same password for multiple uses; I'm guilty."

*CLICK HERE for Lorrie's Call for Action report on Identity Theft schemes.

3 comments

  • David C Brown

    Here’s some password help.

    I regularly use complex 22-character passwords that are
    unique to each site and system that I use.

    Using my method I do not have to write them down to remember them.

    If you would like to learn how to use my method, visit the Resources page on my website and you can try it out for yourself.

    Look for the free
    “How to Create Secure and Easy2Remember Long Passwords” poster.

    Check it out at https://www.businesscompletesolutions.com

    I hope this makes life a little easier for my fellow IT and InfoSec people.

    I wish you the very best.

    Dave

    David C. Brown, PMP, CISSP, CIP
    S.M.A.R.T – Business Improvement Specialist
    Business Complete Solutions

  • meg119

    I don’t think the question is just “Are your passwords strong enough?” anymore. Just a strong password can still be hacked. Everyone should be using some sort of two-factor authentication solution for everything. The only problem w/ 2fa is the usability factor. Most 2fa solutions are annoying to the user so no one wants to use them. I started using a 2fa solution called Toopher through my LastPass and WordPress account and I absolutely love it. Not only is it easy to set up, but it also has an automation feature that makes the authentication process invisible once you saved your locations. It uses the location awareness of your smartphone to authenticate users, that doesn’t require you to do any extra steps as long as your phone is in your pocket (or in a close range that you’re able to choose.) It’s easy and secure… what else could you ask for?

Comments are closed.