Understanding passwords.

The stronger your passwords, the more work an identity thief has to do to break them. A strong password is a password that:

• Has lowercase letters.
• Has uppercase letters.
• Has numbers, and
• Has special characters.

We label passwords with these traits as strong because an identity thief needs more time to guess or break strong passwords. With all other factors being equal, thieves break the weak (easy) passwords and then commit identity theft. I am borrowing verbiage from http://windows.microsoft.com/ here.

Recommendations.

In addition to the traits I mentioned (above), Microsoft recommends your password:

• Is at least eight characters long.
• Does not contain your user name, real name, or company name.
• Does not contain a complete word.
• Is significantly different from previous passwords.

Audit your passwords.

Start by listing 10 online websites you use. This would include your bank, office supply provider, preferred vendors, social media accounts, power company and stock broker. Change the passwords that do not qualify as strong.

How it looks in real life.

Daphne feels her passwords are too weak. She bought a Toyota Prius a few years ago and changed all her passwords to “toyotaprius.” I know what you’re thinking. Let me continue. She logs into LinkedIn with her usual password toyotaprius. She sees this password has only lowercase letters. No uppercase letters, numbers or special characters. She changes her LinkedIn password to T0y0taPr!u$. This new password qualifies as strong because it has lowercase letters, uppercase letters, numbers and a special characters. The “o”s are “0”s (zeros), the “I” is an “!” (exclamation mark) and the “s” is a “$” (dollar sign). Daphne can sleep better at night.

When a hacker tries guessing passwords, as part of a pool of 100,000, he will stumble across other peoples’ weak passwords. As soon as he sees some successes, he starts stealing identities. Do not let this happen to you. Let others embrace weak passwords and become easier targets.