Story Tools: PRINT | Text Size: S M L XL | REPORT TYPO | SEND YOUR FEEDBACK

In Depth

Technology

Passwords

Dealing with 'password inflation'

Oct. 1, 2007

W0t, @ga1n!? Every month (if you're lucky), corporate information technology forces you to change your e-mail, network and other log-in passwords.

On top of that, there are numerous websites and accounts that demand passwords for access. A recent survey by RSA Security, a Bedford, Mass., consulting company that advises businesses on security issues, found that one in five business people are juggling more than 15 passwords.

Managing this "password inflation" leads people to get lazy, using easily guessed words or dates and writing them down where they can easily be found. Two-thirds of the respondents to RSA's study said they knew co-workers who kept their passwords on pieces of paper, and 40 per cent have seen passwords on Post-it notes stuck on workstations. The study also found that at some large companies, as many as half of all requests flowing into IT help desks involved forgotten or compromised passwords.

Passwords people choose are, on average, very weak. People are underestimating the level of ingenuity and determination on the part of hackers.

— Telus security expert Richard Reiner

"For business, passwords are a huge concern," says Richard Reiner, chief security and technology officer for Telus Security Solutions. "Passwords people choose are, on average, very weak. People are underestimating the level of ingenuity and determination on the part of hackers."

In fact, research shows that more than half of all passwords can be cracked within a few minutes, he says.

Choosing a password

Strictly from a security perspective, the best passwords involve lengthy combinations of numbers, letters and punctuation marks. The worst are those comprising any piece of information that can be associated with you, such as your birth date or phone number. But any word or combination of words in the dictionary can easily be cracked by hackers' software utilities.

Those who use the same password for many accounts invite the most danger.

"The risk is that one site they use might be hacked, compromising all their other accounts," Reiner says.

The most effective security solutions combine a password with a biometric reader or an ID fob — a small electronic key that allows access to a computer — or, as Reiner puts it, "something you know and something you have."

Reiner recommends two password-creation techniques. One is to download software such as the free Acerose Password Vault. You install it on your computer, create one strong password that logs you into the program, then the software automatically generates and/or remembers all your other passwords.

The other approach for creating hard-to-crack passwords is to think of a familiar phrase — a line from a favourite song or a private joke, for example — then figure out a pattern of scrambling the letters. For instance, the password could use the first letter of the first word in the phrase, second letter of the second word, and so on.

Password-creation techniques

Here are some other suggestions, culled from a range of sources, for devising passwords that are both secure and easy to remember:

  • Use the calendar. Type in the month, year and a few letters to identify the account, such as "sep06Budgt." The following month, change "sep" to "oct." No repetitions. No-brainer.
  • Add characters. Take the name of the account or website, then add, say, the last four digits of a familiar phone number (though never your own). That might produce "bizblog9485."
  • Use mnemonics on random passwords. If you get a password assigned, don't change it — just find a way to remember it. Say you got "4tgGw39DK." That could become, "For the great Google warrior 39 Donna Karens." Not poetry, but say it a few times and it turns into a mental tattoo. You can get random character strings from free online utilities like Passnerd.com and BizFormBar.com.
  • Combine small, misspelled words. To make a password easier to remember, use words starting with the same letter and perhaps related meaning (hyheihallo), then perhaps capitalize the first letters (HyHeiHallo) or break the words up with numbers (Hi1Hei2Hallo3), or substitute numbers for some letters (h1h3ihall0).
  • Use first letters of a phrase. "mygolfhandicapis6," for example, would become "mghi6."
  • Devise a code. Nothing techy here, just a simple scrambling system. For example, if your password phrase is "MyHandicapIs6," move one key to the right for each character: "
  • Keypad scramble. Take a name or phrase you can easily remember, then type it using the phone keypad. "MyHandicapIs6" could become “my4263422747six."
  • Scramble words. For instance, alternate the letters of each word, so "MyHandicapIs6" could become "MHI6yasndicap."
  • Use special keys. Hold down the shift or alt key as you type part of your password. With the Alt key down on every third character, our handicap password becomes "my·anðicåpis§."
  • Add spaces. Assuming the company's or website's password protocol allows it, it's a good way to foil dictionary searches. You might have "myhan dicapi s6."
  • Remove vowels. "Mhndcps6."

The beauty of using these approaches is that this way, you can surreptitiously reuse a single password. Then, when you run out of tricks, you'll just need to get your handicap down to five.

Go to the Top

Menu

Main page

Technology

Green machines
Disk drive: Companies struggle with surge in demand for storage
Open season: Will court decision spur Linux adoption?
Analogue TV
Video games: Holiday season
Video games: Going pro
Guitar Hero
Parents' guide to cheap software
Working online
Laptop computers for students
Technology offers charities new ways to attract donations
The invisible middleman of the game industry
Data mining
Two against one
The days of the single-core desktop chip are numbered
Home offices
Cyber crime: Identity crisis in cyberspace
Yellow Pages - paper or web?
Robotics features
iPhone FAQ
Business follows youth to new online world
A question of authority
Our increasing reliance on Wikipedia changes the pursuit of knowledge
Photo printers
Rare earths
Widgets and gadgets
Surround Sound
Microsoft's Shadowrun game
Dell's move to embrace retail
The Facebook generation: Changing the meaning of privacy
Digital cameras
Are cellphones and the internet rewiring our brains?
Intel's new chips
Apple faces security threat with iPhone
Industrial revolution
Web developers set to stake claim on computer desktop with new tools
Digital photography
Traditional film is still in the picture
HD Video
Affordable new cameras take high-definition mainstream
GPS: Where are we?
Quantum computing
What it is, how it works and the promise it holds
Playing the digital-video game
Microsoft's forthcoming Xbox 360 Elite console points to entertainment push
Online crime
Botnets: The end of the web as we know it?
Is Canada losing fight against online thieves?
Malware evolution
Money now the driving force behind internet threats: experts
Adopting Ubuntu
Linux switch can be painless, free
Sci-fi projections
Systems create images on glass, in thin air
Power play
Young people shaping cellphone landscape
Digital cameras
Cellphone number portability
Barriers to change
Desktop to internet
Future of online software unclear: experts
Complaining about complaints systems
Canadian schools
Multimedia meets multi-literacy age
Console showdown
Comparing Wii, PS3 and Xbox 360 networks
Social connections
Online networking: What's your niche?
Virtual family dinners
Crackdown
Xbox 360 console game
Vista and digital rights
Child safety
Perils and progress in fight against online child abuse
Biometric ID
Moving to a Mac
Supply & demand
Why Canada misses out on big gadget launches
Windows Vista
Computers designed for digital lifestyle
Windows Vista
What's in the new consumer versions
Cutting the cord
Powering up without wires
GPS and privacy
Digital deluge
RFID
Consumer Electronics Show
Working online
Web Boom 2.0 (Part II)
GPS surveillance
Hits and misses: Best and worst consumer technologies of 2006
Mars Rovers
Voice over IP
Web Boom 2.0
Technology gift pitfalls to avoid
Classroom Ethics
Rise of the cybercheat
Private Eyes
Are videophones turning us into Big Brother?
Windows Vista
Cyber Security
Video games: Canadian connections to the console war
Satellite radio
Portable media
Video games
Plasma and LCD
Video screens get bigger, better, cheaper
Video games:
New hardware heats up console battle
High-tech kitchens
Microsoft-Novell deal
Lumalive textiles
Music to go
Alternate reality
Women and gadgets
High-tech realtors
The itv promise
Student laptops
Family ties
End of Windows 98
Bumptop
Browser wars
Exploding laptop
The pirate bay
Stupid mac tricks
Keeping the net neutral
PS3 and WII at E3
Sex on the net
Calendars, online and on paper
Google, ipod and more
Viral video
Unlocking the USB key
Free your ipod
In search of
Xbox
Sony and the rootkit
Internet summit
Electronic surveillance
[an error occurred while processing this directive]
Story Tools: PRINT | Text Size: S M L XL | REPORT TYPO | SEND YOUR FEEDBACK

World »

updated UN raises fears of civil war in Syria video
Syrian government forces renewed their assault on the rebellious city of Homs on Tuesday, activists said, as the UN human rights chief raised fears of civil war.
U.S. gets 1st hard look at future China leader
Washington gets its first hard look Tuesday at Xi Jinping, the man destined to lead China in the coming decade, during which the global powers probably will see their economic ties grow.
updated Whitney Houston's funeral to be held Saturday video
Pop star Whitney Houston's funeral service will be held Saturday in the New Jersey church where she first showcased her singing talents as a child.
more »

Canada »

updated Online surveillance bill tabled in House
A bill that is expected to give police and intelligence agencies new powers to access Canadians' electronic communications, sometimes without a warrant, has been tabled in the House of Commons.
Enbridge offered First Nations cash to study pipeline
An aboriginal organization leading the fight to prevent oil tankers on the British Columbia coast once took money from Enbridge Inc., the company hoping to build the pipeline from Alberta to a West Coast port.
Man kidnapped at Greyhound station escapes captors
Two Thunder Bay, Ont., men face charges following a kidnapping in which a man was dragged from a Greyhound bus terminal and forced into a vehicle, police say.
more »

Politics »

new Fantino says Canada's F-35 jet purchase 'evolving' video
Canada's minister responsible for military procurement now appears open to adjusting the Defence Department's order for F-35 fighter jets, citing an economic environment "we may not have any control over."
new Canadian Forces to open support hub in Germany
Defence Minister Peter MacKay has announced that a new operational support hub for the Canadian Forces will be set up in Germany.
new Amend copyright bill to end radio 'subsidy,' groups urge
Musicians and record labels want the federal government to amend its copyright reform act to end a break for commercial radio stations that reduces royalty payments to artists.
more »

Health »

Chronic fatigue may be reversed with exercise
Taking it easy is not the best treatment for chronic fatigue syndrome, rather exercise and behaviour therapy are, a large study finds.
AT&T buys T-Mobile USA for $39B US
AT&T Inc. said Sunday it will buy T-Mobile USA from Deutsche Telekom AG in a cash-and-stock deal valued at $39 billion US, becoming the largest cellphone company in the U.S.
Milky Way home to 50 billion planets: NASA
Scientists have compiled the first cosmic census of planets in our galaxy: at least 50 billion planets are estimated to call the Milky Way home.
more »

Arts & Entertainment»

updated Whitney Houston's funeral to be held Saturday video
Pop star Whitney Houston's funeral service will be held Saturday in the New Jersey church where she first showcased her singing talents as a child.
Famed romance began with exchange of letters
The 573 love letters exchanged between Elizabeth Barrett and her future husband, fellow poet Robert Browning, are now viewable online.
new Amend copyright bill to end radio 'subsidy,' groups urge
Musicians and record labels want the federal government to amend its copyright reform act to end a break for commercial radio stations that reduces royalty payments to artists.
more »

Technology & Science »

updated Online surveillance bill tabled in House
A bill that is expected to give police and intelligence agencies new powers to access Canadians' electronic communications, sometimes without a warrant, has been tabled in the House of Commons.
Higgs boson hunt aided by energy boost
The world's largest particle accelerator is ramping up its beam energy in hopes that scientists will learn definitively this year whether the last undiscovered particle in the Standard Model of Physics exists.
new Nortel hit by suspected Chinese cyberattacks for a decade
Hackers based in China enjoyed widespread access to Nortel's computer network for nearly a decade, according to a report.
more »

Money »

Raitt offers new mediator in Air Canada dispute
Federal Labour Minister Lisa Raitt is again intervening in a labour dispute at Air Canada, initiating a six-month mediation process after telling pilots and the company that any work stoppage would be contrary to the interests of Canadians.
new Nortel hit by suspected Chinese cyberattacks for a decade
Hackers based in China enjoyed widespread access to Nortel's computer network for nearly a decade, according to a report.
Greek economy shrinks 7% in fourth quarter
The Greek economy remained stuck in a deep recession in the fourth quarter, according to official figures released Tuesday that confirm the painful effects of austerity reforms intended to lower debt.
more »

Consumer Life »

Honda recalls Fit subcompacts
Honda Canada says it will recall 14,640 of its 2009 and 2010 Fit subcompact cars to replace lost motion springs.
U.S. travel fee proposal criticized by Harper
Prime Minister Stephen Harper says he doesn't think much of a new border tax that's being proposed by the United States, calling it a cash grab designed to help a budget crisis.
Bell class action suit approved by Que. court
A Quebec Superior Court judge has authorized a class action lawsuit to go ahead against Bell Mobility.
more »

Sports »

Scores: NHL NBA

preview Flames, Leafs hungry for playoff spots
The Calgary Flames are still out of the playoff picture in the Western Conference, but they're making a strong push to be among the top eight teams. The Toronto Maple Leafs might fall out of the race in the East if they don't improve their play.
Athletes and Valentine's Day
The writers here at CBCSports.ca wanted to spread some love on this special day, so with the help of Twitter we've constructed a very special Valentine's Day card for sports fans everywhere.
Bruins goalie Thomas posts Coolidge quote to Facebook
Boston Bruins goaltender Tim Thomas posted a quote from former U.S. president Calvin Coolidge on his Facebook page Monday, the latest in a string of messages that have brought attention to him.
more »

Diversions »

[an error occurred while processing this directive]
more »