Passwords, Two Factors, and Fobs? Oh My!

Passwords are everywhere in our lives these days. They are important because of what they are intended to protect  our information.

Information is Currency

In an earlier article, I stated that information is the currency of today. There are really two meanings to currency in this context. First, information is about us is valuable to both the good guys and the bad. It’s the bad guys that we are trying to keep at bay and prevent them from misusing our stuff for their gain and to our detriment. Second, information is most useful today in that it is current and exploiting information can occur extremely quickly. So, it’s important to choose good passwords for our protection even when we might think it’s inconvenient or not necessary.

What Makes a Good Password?

One that is easy for us to remember without writing down, one that is difficult for someone to guess or to discern from our public information, and one that is of a sufficient length that it cannot be determined by brute force, i.e. trying all possible combinations. For those of you who just change the a single digit to the next number, i.e. snowball1 to snowball2, you are asking for trouble. That is not enough variation and probably one of the first things an attacker will attempt.

Strong passwords are essential. Don’t write them down. Anywhere! Get an app to keep track of your passwords. Make sure to use long passwords. Remember, longer is stronger. You should use at least eight characters, but I recommend twelve or more.

Enable Two-Factor Authentication Whenever Possible

An additional layer of security that has gained popularity in recent years is two-factor authentication. That is a method that some websites offer to increase security for those that want it that requires two pieces of information in order to unlock the account: something you know — your password — and something you have.

The second piece can be in a few different forms, such as a phone, an app, or a fob. While the first two are obvious, you may not be familiar with a fob in the digital sense. A fob is a device that produces random numbers that are based on an algorithm that is uniquely associated with you and/or the device itself. Press a button on the fob and it produces a series of numbers. You use these numbers to login in addition to your password.

Some sites will send you a text message or you will use an app on your phone to get the numbers. Every system has limitations. Regardless of how you get the numbers, the websites knows what numbers to expect. Wrong numbers? No access! And they usually are only good for that login and are not valid for more than a few minutes.

I recommend using two-factor authentication whenever possible. Some inconvenience and smart choices will go a long way towards protecting your information.