Most computer users are familiar with the concept of virus.  By definition a virus is designed to maliciously damage data on a computer, self replicate and spread to cause further harm. Unlike a virus, Spyware does not corrupt data on a computer and will generally go undetected by anti-virus software products. Spyware is any unwanted software or technology that gathers information about a person or organization without their knowledge. Spyware may also alter the settings of a computer. Like a Trojan horse; Spyware runs undetected in the background, without the user’s knowledge. Its purpose is to report on the activities and preferences of the user. This information is then transmitted in the background to advertisers or interested parties.  The information that Spyware gathers ranges from fairly innocent (such as the web sites an individual has visited), to potentially dangerous (such as bank account details, or usernames and passwords). Spyware can cause severe privacy problems for an individual whose computer becomes compromised.

Data collection programs that are installed with the user’s knowledge are not considered Spyware if the user knows what data is being collected, and with whom it will be shared. However, Spyware is often installed without the users consent as a software virus, drive-by download or as the result of installing a new program. Many Spyware applications are bundled as hidden components of popular freeware, shareware and commercial products. Spyware can also exist in any form of executable found on web pages including applications, installers, active X, plug-ins, scripts or applets. The most widespread method of installing Spyware is known as a drive-by download.  A drive-by download occurs when the action of visiting a seemingly innocent web page, causes unwanted Spyware to be downloaded and installed on an individuals machine without their permission.

Many types of unwanted and potentially dangerous types of Spyware exist today. The prevalence of Spyware software and technologies increases daily, mirroring the exponential growth and popularity of the internet.  The creators of Spyware cannot ignore the opportunity to gather the personal data and surfing habits of unwitting users. For this reason Spyware will continue to be created in order to influence and manage our behavior, and to further the gains of its creators. As long as our personal Information is worth money, the growth of spyware will continue.

Passwords for basic security

The easiest way to simplify password proliferation is to use the same one for everything. This is not recommended unless someone else gaining physical or web access to your details is not an issue. There are hackers and scamsters out there and using the same password is like giving them your front door key. Create different passwords for every account and if you can’t remember them then the easiest option is simply to store a list on your computer.

If your computer remembers them for you, you might still need to access them if you’re away from home. One option if you have a web-based email service like Yahoo, Hotmail or Googlemail, is to send them to yourself in a message so you can retrieve them wherever you are. (Don’t put ‘passwords’ in the subject field!)

Higher level security

For top level security, don’t let your browser remember your passwords for you and keep your passwords in your head. If you don’t want to spend time doing the ‘reset password’ dance and waiting for an email to come in to reactivate your account, the key is creating memorable passwords that are sufficiently strong.

Creating good passwords – and remembering them

Many sites will ask for a password that is at least eight characters and includes at least one number. Some are also case-sensitive. The secret for a memorable password is to work to a template made of several easy-to-recall components. For example, in number + letters + letters, number could be the first four digits of your phone number + an acronym for the site the password is used to access + either date, month or year of birth: 5552spmk70 for your supermarket shopping.

It doesn’t look memorable, but the key is that you can work it out. By varying the last number you will still have a substantially different passwords that only give you three options if you get it wrong, so most sites won’t shut you out. For additional security add one capital – perhaps the last letter of your site acronym: so 5552spmK70.

The template as mnemonic can be varied almost infinitely according to your preferences. Make it more complicated if you like (generally speaking, the more letters and letter-number-case combinations, the harder it is to crack). If you have two passwords for one site, make one the other one backwards.

Be creative

With imagination and a little effort you’ll be able to manage and remember computer passwords galore, or at least have a good shot at guessing if your memory fails you.

1. Don’t leave passwords blank.
2. Don’t use your username as a password.
3. Don’t use identifiable information (such as a birthday).
4. Don’t write passwords down.
5. Don’t use auto-fill for passwords (especially on public computers).
6. Do use 8 characters or more.
7. Do use a combination of uppercase, lowercase, numbers, & symbols.
8. Do memorize your password.
9. Do change your password periodically (at least every 60 days).
10. Do keep your password a secret.

The success of the brute force attack depends on two things.  1) password length and 2) number of possible characters that are being tested.

Let’s assume that a brute force attacker will use all lower case letters, all upper case letters, plus about fourteen common keyboard symbols.  That gives the attacker (26+26+14)=66 characters to work with.  A 1-character password has 66 different combinations.  While a 2-character password has 66*66 combinations or 4,356 combinations.  The table below continues the calculation.  The time to crack column is based on testing 250,000 passwords per second.

In summary, when it comes to password security, more characters are safer.

The best passwords for 2012 are the same as previous years: include as many characters as possible with a mixture of upper/lower case letters, numbers and symbols.  Don’t repeat the bad habits of using lazy passwords.

Some are lazy keyboard passwords like “qwerty”, “asdfasdf” or “123456″.  Then there are security related passwords like “password” or “secret” or “private”.  Strange passwords like “cheese” and “monkey” are also common.

You can bet that anytime someone tries to break into a website that they start with those passwords.  Use our site to select a better password today.

Password Mayhem

Everyone using the Internet these days has dozens of passwords.  (Remember: that it is always a great idea to use different passwords on different sites.)  Storing your passwords is important because your favorite web browser will not store your passwords for all sites.  Banking sites, in particular, are designed to not store your passwords the way other sites store them.

Store Them Locally

Writing your passwords on sticky notes or in a notebook is probably the most common method used by people. Some people prefer this method because they can tell someone they trust where to find their passwords in case of death.  It is also the easiest way to access your web sties if your computer dies or is lost/stolen.

Another method is to save them in a spreadsheet saved to your computer.    For extra security, add password protection to the spreadsheet, give it an obscure name and store it in a hard to find folder on your computer.  But beware that if anyone has unlimited access to your computer (if it was stolen!), it would eventually be found.

Another solution is to use a piece of software like KeePass.  It is a downloadable piece of software that saves all your passwords.  It is password protected so you only have to remember one password to access your other passwords.

These methods work best for home users where there are no untrustworthy people snooping around your computer area.

Password Laziness

It is highly recommended that you use a different password on each website that you visit.  Especially if you have valuable personal information on those websites.  Recent data exposed by hacker groups found that many users have the same passwords on multiple sites.

Why should you care?  If a website that you use is hacked – or if a webmaster turns to the dark site – someone could have access to all your other sites.  By creating different passwords for every site, you can protect yourself from events happening beyond your control.

Password Diversity

If the thought of having different passwords for every site you use is overwhelming, then at least try to divide your sites into tiers.  Use one password on sites that don’t store sensitive data (sports, news or blogs).  Have a different password on sites that could expose personal – but not financially ruining – information (facebook, twitter, etc.)  But for banking and investment sites you should always have different passwords.

Unless you create an easy to remember mnemonic device for your random passwords, you may never be able to log in without referring to your password cheat sheet. There is a trade off between usability and security.

Example of a mnemonic password reminder:  bY$4cC@Fri = bring Your $ for cupcakes on Friday

Our site provides passwords using words and numbers and symbols at any length. The words are randomly chosen and the letters are randomly capitalized.

One of our passwords: gRIG54Daks@

Thousands of people visit our site every day to create passwords. From system administrators to casual computer users. So give our random password generator a try. Use one of the passwords or let it ‘inspire’ you to modify it and create a password that you can remember.

Thanks for reading and stay (cyber) safe.