The FIRST and most important rule I would
like to suggest is NEVER, EVER enter a password on a page you reached from a link that arrived in
an e-mail. Scammers set up bogus "phishing" sites that are expert counterfeits
of bank sites and will appear to be genuine. This is the easiest way for a
scammer to get your passwords and access to your money. If you get an e-mail that
APPEARS to be from
PayPal™ or from any
other financial institution asking you to "verify" or "update" your account
information, chances are it is an attempted scam. Do NOT reply to these e-mails,
or click any links in them. DELETE THEM IMMEDIATELY. I have posted a few dozen
examples of "phishing" e-mails on
http://starturl.com/zneda. If you have any concerns about your bank
account or
PayPal™ account,
then go DIRECTLY to their Web site by typing the address into your browser's address bar and check the
status of the account. Any genuine messages from the bank or payment service will be waiting
in your message section when you log in to your account.
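As an added illustration (example code written for this page, not something from the original article, from PayPal™ or from any bank), the following Python shows why an e-mail link cannot be judged by eye: it extracts the host a browser would really connect to and compares it with the domain you expect. The sample links are constructed for the example and every hostname in them is made up; "paypal.com" is only the domain the reader expects to reach.

```python
from urllib.parse import urlsplit

# Constructed sample e-mail links (not from the page). Every hostname here is
# made up; "paypal.com" is only the domain the reader expects to be going to.
SAMPLE_LINKS = [
    "https://www.paypal.com/myaccount",
    "https://www.paypal.com.account-verify.example/login",
    "http://paypal-security.example/update?id=123",
    "https://www.paypal.com@203.0.113.7/login",
]


def destination_host(url: str) -> str:
    """Return the host a browser would actually connect to for this link.

    urlsplit().hostname discards any 'user@' prefix, the port and letter
    case, so a link dressed up as https://www.paypal.com@203.0.113.7/...
    is reported as the IP address it really goes to.
    """
    parts = urlsplit(url)
    if parts.scheme not in ("http", "https"):
        raise ValueError(f"not a web link: {url!r}")
    if not parts.hostname:
        raise ValueError(f"no host in link: {url!r}")
    return parts.hostname


def is_same_site(url: str, expected_domain: str) -> bool:
    """True only if the link lands on expected_domain itself or a subdomain of it.

    The comparison includes the dot on purpose: a host such as
    'www.paypal.com.account-verify.example' contains 'paypal.com' as text
    but does not end with the domain label '.paypal.com'.
    """
    host = destination_host(url)
    expected = expected_domain.lower().strip(".")
    return host == expected or host.endswith("." + expected)


def review_links(links, expected_domain: str):
    """Return (link, real host, verdict) for each link so they can be read side by side."""
    report = []
    for link in links:
        host = destination_host(link)
        verdict = "ok" if is_same_site(link, expected_domain) else "NOT " + expected_domain
        report.append((link, host, verdict))
    return report


if __name__ == "__main__":
    for link, host, verdict in review_links(SAMPLE_LINKS, "paypal.com"):
        print(f"{verdict:16} {host:45} {link}")
```

Only the first sample link really goes to the expected site; the others are the patterns phishing e-mails use (the real name buried in a longer hostname, a name that merely contains "paypal", and a "user@" prefix in front of a bare IP address). The check does not catch look-alike domains registered with a swapped or substituted character, which is exactly why the rule above is to type the address yourself rather than to inspect links.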
The NOT TO DO "Short List"
-
Never respond / click on links in
emails from banks or any financial institution.
-
Never go to a bank / payer account
from an e-mail link.
Why? Links in e-mails
often take you to a "replica" of a legitimate Web site, where the
information you enter goes directly to the crooks. Replying to these e-mails
confirms to the crooks that the e-mail address is valid (so it will be targeted
again), and the headers of your reply may also reveal your computer's IP address
to them.
-
Never enter a password on a library
computer, or a computer in an "Internet Cafe".
Why? Crooks can install
software on public PCs called "keyloggers" which store every keystroke in a
file. After you leave, the crooks can retrieve this file and see every
keystroke you made, giving them your password and log-in
information. A "Roboform 2 Go" USB key (see below) fills in the log-in fields
without your typing them, which defeats a keystroke logger, though it cannot
protect you from other spyware running on that PC.
-
Your passwords should not be any word
that can be found in a dictionary.
Why? Password-cracking
software tries every word in a dictionary (and common variations, such as a word
with a digit added) in automated attempts to gain access
to your account. Although this may take some time because most sites limit how
many wrong attempts can be made, the software persists
until it exhausts all the words in its list, and the flood of failed attempts may
lock the account so that you cannot log in to it yourself.
-
Your passwords should not be a pet's
name, or the name of a family member.
Why? Anybody who has
even casually met you can guess it and get into your account.
-
Your password should NOT be your
mother's maiden name, and neither should the real answer to the "security
question" that some banks require.
Why? Genealogy
sites and public records can be accessed by anyone. If your bank or
financial institution asks you for your mother's maiden name.... MAKE ONE
UP, and keep the made-up answer with your other passwords.
-
Your passwords should not be
birthdays, or dates of any sort.
Why? Anyone who
casually knows you or logs on to a genealogy site can get birthdays, etc.
-
Have different passwords for every
account.
Why? The compromise of
ONE account will not affect the others. The problem of remembering a zillion different
passwords is addressed in the "DO" Short List, below.
-
Passwords should be at LEAST 8
characters long where possible on the site being accessed.
Why? Every character you add multiplies the number of combinations an attacker
must try by the size of the character set, so longer passwords
are exponentially more difficult to "hack".
-
Passwords should not make ANY sense -
except to you.
Why? If the password
makes sense to anyone except you, it should be changed.
-
Never write passwords down. If you
must, store them in your PDA under a master password that follows these
rules, or use a "Roboform 2 Go" USB key (see below).
Why? A written list can be read or copied by anyone who finds it, which
defeats the purpose of having a password.
-
Use mixed upper- and lower-case letters
whenever the site treats passwords as case-sensitive; i.e.: dbx7Gh5Rs2
rather than dbx7gh5rs2
Why? Mixed-case
passwords - especially when they also include digits - multiply the number of
combinations an attacker has to try (for the 10-character example above, more than
200 times as many as lower case and digits alone), and a password that makes no
"sense" is far harder to "guess".
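The rules in the list above can be checked mechanically. The following Python is added here as an illustration (it is not code from the original article or from any product mentioned on the page): it implements the rules as a password checker and also works out how much larger the search space becomes with length and mixed character classes. The word list is a constructed stand-in for a real dictionary plus pet and family names, and the guess rate used for the time estimate is an assumed figure.

```python
from datetime import datetime

# Constructed stand-in for a real dictionary plus pet and family names
# (not from the page; a real check would load a full word list).
COMMON_WORDS = {"password", "welcome", "dragon", "summer",
                "fluffy", "rover", "smith", "jones"}

# Date layouts people commonly use as passwords.
DATE_FORMATS = ("%m%d%Y", "%d%m%Y", "%Y%m%d", "%m%d%y", "%d%m%y",
                "%m/%d/%Y", "%d/%m/%Y", "%m-%d-%Y", "%d-%m-%Y", "%Y-%m-%d")


def looks_like_date(pw: str) -> bool:
    """True if the whole password parses as a calendar date in a common layout."""
    for fmt in DATE_FORMATS:
        try:
            datetime.strptime(pw, fmt)
            return True
        except ValueError:
            continue
    return False


def is_dictionary_word(pw: str) -> bool:
    """True if the password, or its letters with digits/symbols stripped, is a listed word.

    Stripping the digits catches the usual 'fluffy1' trick, which cracking
    software also tries as a variation of the plain word.
    """
    letters = "".join(ch for ch in pw if ch.isalpha()).lower()
    return pw.lower() in COMMON_WORDS or bool(letters and letters in COMMON_WORDS)


def check_password(pw: str) -> list:
    """Return the rules from the NOT TO DO list that pw breaks (empty list means it passes)."""
    problems = []
    if len(pw) < 8:
        problems.append("shorter than 8 characters")
    if is_dictionary_word(pw):
        problems.append("dictionary word or name")
    if looks_like_date(pw):
        problems.append("looks like a date")
    if not (any(c.islower() for c in pw) and any(c.isupper() for c in pw)):
        problems.append("not mixed case")
    if not any(c.isdigit() for c in pw):
        problems.append("no digits")
    return problems


def alphabet_size(pw: str) -> int:
    """Size of the character set an attacker must cover to be sure of hitting pw."""
    size = 0
    if any(c.islower() for c in pw):
        size += 26
    if any(c.isupper() for c in pw):
        size += 26
    if any(c.isdigit() for c in pw):
        size += 10
    if any(not c.isalnum() for c in pw):
        size += 33   # printable ASCII punctuation and space
    return size


def search_space(pw: str) -> int:
    """Number of candidates a brute-force attacker must try in the worst case."""
    return alphabet_size(pw) ** len(pw)


def years_to_exhaust(pw: str, guesses_per_second: float = 1e9) -> float:
    """Worst-case years for an offline attacker at an assumed guess rate."""
    return search_space(pw) / guesses_per_second / (365 * 24 * 3600)


if __name__ == "__main__":
    for candidate in ("fluffy1", "12311999", "dbx7gh5rs2", "dbx7Gh5Rs2"):
        verdict = check_password(candidate) or ["passes every rule"]
        print(f"{candidate:12} {', '.join(verdict)}; "
              f"{search_space(candidate):.3g} candidates, "
              f"{years_to_exhaust(candidate):.3g} years at 1e9 guesses/s")
```

Running it shows the point of the case-sensitivity rule in numbers: the all-lower-case dbx7gh5rs2 draws from 36 characters, dbx7Gh5Rs2 from 62, and over ten positions that is roughly 230 times as many candidates. The absolute times are only as good as the assumed guess rate; the ratios between passwords are what the rules are about.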
The DO "Short List"
-
Change your passwords often, and at once if you
suspect an account or a computer you used has been compromised. If you
find all these different passwords difficult to remember, then the
"Roboform 2 Go" suggestion below is the solution for you.
Why? A password that changes is like a moving target: anything a crook has
already captured or guessed stops working, and a password still under
attack is much harder to hit.
-
If you buy or sell on eBay, or make ANY
purchases online, you should get a
PayPal™ account
with a security key.
Why? The security key
adds a second factor on top of the password, so a stolen password alone is
not enough to log in. However, even this is not foolproof if
you're not careful.
Read my article on
the
PayPal™
security key.
-
To keep passwords OFF your computer,
and to safely be able to use other PCs (even library and Internet Cafe PCs),
get a copy of "Roboform 2 Go". See:
http://www.roboform.com/pass2go.html This program stores your passwords
(so you don't have to remember them, and you therefore can make them as long
and as complicated and as totally nonsensical as you wish) on a standard USB
drive. With this program, you will have access
to all your password / log-in information, and it is
DES-encrypted on the USB
drive under your master password (note that single DES has only a 56-bit key
and is not considered strong by current standards, so treat a lost USB drive
as a reason to change the passwords stored on it). When you remove the USB drive
from the computer, the program unloads
itself, and there is no trace of the passwords left on the computer. See the Roboform Web
site for other security products as well. I personally use one, and it is
very convenient and safe.
Why? The small
investment you will make in a USB drive and the software to load onto it is
a ONE-time investment that easily protects your security while also solving
the problem of remembering every password for every account you have.