A Follow Up Guest Column by Allen Perk, XLN Systems
In our last article, we spoke of the “new thinking” of passphrases instead of passwords and we explained how difficult, if not impossible, it is for even a computer to guess your passphrase when it’s larger than 24 or 28 characters.
This short article wants to discuss “login credentials”. Login credentials are defined as both your user-id and passphrase. (There may be a 3rd credential, but that’s for another article.) You’ve heard the expression, it takes two to tango. In other words, a passphrase and user-id must be correct and must be for one another before you are allowed access.
So, perhaps your user-id is more important than many had thought previously! For those sites that allow you to pick your user-id and passphrase, think of each as a security key.
Now, what should one use as a user-id? That’s really up to you, but you can make it easy to remember by using a combination of your nickname, street name, account purpose and/or favorite team name. If at all possible, avoid using your email address because, well, A LOT of people and internet devices already know your email address and if so, they are halfway to getting total access to your account.
Another security hole most people overlook is that they routinely tell their web browser to “save or remember” their user-id (and sometimes their passphrase too). This way you do not have to enter it thereby saving time. However, now you have given away one or possibly both of your “credentials” and, if someone has access to your PC, you’ve made it easier to illegitimately enter your account.
To summarize, do you want convenience or cyber safety? A little ingenuity and a little more typing will get you a lot more cyber safety. After all, when it comes to cyber awareness on the internet, we can all use safety a little more today than yesterday.
The above views and comments are those of Allen Perk, CEO of XLN SYSTEMS. XLN is a software and cybersecurity company in Columbus, OH. Allen serves on the Ohio Attorney General’s Cyber Security Advisory Board and is Chair of the Central Ohio AAC for the National Federation of Independent Business. Allen’s passion is to help business owners implement the Cyber Security practices vital for their unique size and industry. He can be reached at 614.947.3607 or by email at [email protected]