Loading
I'll let you in on a little IT humor. We techies are a wild and crazy bunch, so be warned. Picture the scene, your friendly neighborhood computer consultant — think Brad Pitt in glasses — is typing away feverishly on a user's computer when he suddenly turns — his muscles rippling and his flowing blond locks cascading in a wave off his neck — to ask, “Okay, what's your password?”
That expression of utter uncertainty is a classic source of amusement for IT personnel. I know we're weird.
Truth is, passwords are a big pile of hurt. People don't like to use them or remember them, and it is even more painful for network administrators and IT staff. Take every password you need to know and multiply it by at least 50. Our janitor's key-ring worth of passwords overfloweth. Trust me, we feel your pain.
The good news is a when you deal with a constant exposure to passwords, it makes some truths especially clear.
First, if you have an option to use a password, use one. It's amazing how even a simple easily breakable password can stop a no-goodnick or more likely a dumb teenager from wreaking havoc with your computer and life. The most clear example of this is forgetting to turn password security on a Wi-Fi router. At best you're going to have people using up your network bandwidth, but you could easily be giving a criminal a completely anonymous, easy way into the Internet and your computer. Even putting in a single character as a password is enough of a bar for most intruders that they'll pass your router by without a second look. It's the low-hanging fruit rule; don't be the easy mark. So if you see that little password box, don't just skip it.
Use something to help you create random passwords or at a minimum to remember your passwords. For years, I kept a Word document full of passwords that I would add to as needed. Yes, this isn't secure and yes you're doomed if a hacker makes off with this document. But in the grand scheme of things, if a hacker has enough access to your computer to get to said list, you're already sunk. This is a much better option than just relying on your memory.
A better, but slightly more expensive option is a password manager. These programs allow you to create lots and lots of random really long passwords that you don't have to remember and that you can easily access wherever and whenever you need them. I use a great program, called 1Password. It, like most other password mangers, allows you to create a single password to easily accessible a database of other much more complex passwords. The passwords are shared and updated instantly across computers and mobile devices using the Dropbox service and 1Password has plugins for the most popular Internet browsers to make inputting them there easier. Forget shorting phrases or pneumatic devices, 1Password creates completely unique, nonsense passwords that I don't need to remember because they're all hidden by the only password I will ever have to know.
A number of other very popular password managers are LastPass, RoboForm, mSecure and KeePass. Yes, most of these apps cost money, but imagine the brain cells saved ditching all the other passwords and think about all the useless trivia and reality TV you can cram in instead. Spend a little money and make it easier on yourself.
Third, in most cases, two-factor authentication is a dead-simple extra level of security for your online accounts. If you have a cell phone with unlimited or low-cost texting, you can handle most two-factor authentication. The net effect of using it is whenever use your Apple, Google, Facebook, Twitter or Dropbox account on a new computer, the service texts you a password to put in to verify that it's you. This type of security is extremely effective because it requires a hacker to not just break your password, but also to steal your phone or computer. In the security business, this is known as something you have and something you know. Having a system ask for both is much much more secure than either piece by itself. All you have to do to take advantage of this security is to take the few minutes to set it up.
As much as passwords are a pain point for us all, hope could be coming in next year. Apple's new fingerprint technology, iBeacon — which confirms your devices location for shopping — and password synching is showing hints that we may have to remember less in the future as our i-devices step up to prove who we are and log us in.
Similarly, rumor-ish technology journalists have reported that search giant Google is testing the use of a keychain-sized battery-less USB device, called a YubiKey NEO for authenticating your identity to a computer. The device, which is already a working product, is similar to smart card devices used for military security. Plug it into any computer and you will only have to type in a short four-digit pin number to verify your identity.
So ironically, maybe some form of physical keys are the future.
Sean Roth is a self-professed geek. When he's not following real estate and businesses for the Business Observer, he's musing about the latest doohickey.
Your free article limit has been reached this month.
Subscribe now for unlimited digital access to our award-winning business news.
Join thousands of executives who rely on us for insights spanning Tampa Bay to Naples.
