Passwords, What should I do?
We all have a ton on passwords to remember now. Most of us have heard that it is not a good idea to use the same password on everything. Although, you may not have been told why…
In brief, I will explain it. Passwords are transmitted through the internet in two basic forms, plain or encrypted. Most financial sites use what is called SSL (secure socket layer) encryption. This keeps your information pretty safe enroute from point to point. A lot of you social sites, forums, clubs, or small member sites even transmit the password in plain text.
Plain text password transmission allows anyone to get your password as it passes through. Without getting complicated, most all information on the internet travels through a bunch of different computers (called servers) before it reaches its destination. An unsavory administrator, or a hacker that has breached their system, can grab the password as it passes through with a “sniffer.” A sniffer is basically a program that monitors internet traffic.
How do I know which is being used, plain text password or SSL encryption? Just look at the edges of your browser. On all the browsers I am aware of, a padlock appears somewhere. It is usually in the lower right on FireFox and to the right of the address bar on Internet Explorer. If you see the padlock, you password is going through SSL encryption.
Of course, SSL encryption means the password is safe enroute. Whether you can trust the site administrators on the other end, and whether they keep there servers secure from hackers is a whole different story.
So, what should a person do? At the very least, you should use different password for your financial sites and for your “play” sorta sites where the passwords go through in plain text. For the best security, a different password should be used on every site. I know, you are going there is now way I can remember all those passwords!
Well, I have a FREE solution for you. www.passwordmaker.org. This program is great. You input your master password and the site name you are logging into. The software uses an encryption scheme to then produce a secure password! You remember one password, yet you get an individual password for every site.
Now you ask, but what is I am at a friends house who doesn’t use the software or an internet cafe? Well, they have an “online” password generator that you use to put in the same information as your application at home, and presto there is the same password.
I admit the away from the home option is a bit of a pain…. so, for the sites you would often access away from home (email, myspace, instant messaging, whatever) I would just have a password(s) you remember for them. Let password maker handle your financial sites, or any other sites that involve money or information you really need to keep private. The reason I say this is simple, if you think about the skilled hacker criminal out there… does he care what you said to your friend Sally about Bob?? NO. He is wanting to make money. The quickest way to do that is penetrate your online banking or PayPal account that has money.
So, take my advice, use passwordmaker where you need secure passwords; and sleep/ surf a little easier.