Before we get to the meat of this post, I would like to note
that “hacker” is not really the correct expression. A hacker is really just
someone who explores and pushes the limits of technology, but it’s the expression
everyone knows, so that’s what we’ll use.
The weakest point in any security system is its users. Many
times hackers will exploit people who are too trusting. This is called social
engineering: a technique of getting the user to believe the hacker is someone
official in an attempt to gain access to a system or get personal information.
We see this commonly in “phishing” attacks: an email or a phone call stating that
there is a problem with your account and that they need to verify information like
your password or account number. Even if it seems official, do not respond to
these types of messages. Instead, look up the phone number of whatever company
they are claiming to be and call. If it is official, they should be able to
The other very common mistake people make is to get lazy
with their passwords. It’s perfectly understandable. With so many passwords to
remember, it’s very tempting to make them all the same and something easy to
remember. The problem with that is that if someone gets one password, they now
have the password to everything. And, if it’s easy for you to remember, it’s
likely easy for someone to guess or crack by “brute force”.
A strong password makes use of upper and lower case letters,
at least one number, and at least one symbol such as an exclamation point or a
dollar sign. It is also best if it doesn’t resemble a word. Any hacker worth
their salt knows to replace s with $ or 5.
If you don’t have a lot of passwords to remember, an easy
trick for creating strong passwords is to use the first sentence from your
favorite book or a favorite saying, then take the first letter of each word in
that sentence. For example, “Four score and seven years ago” becomes fsasya. Now, we
want at least one capital letter, one number, and one special character, so we replace
letters appropriately. Fs@7ya is not something that will be easily guessed.
If, instead, you are like most people and have dozens of
logins, you may want to consider using a random password generator and a
password manager such as KeePass (https://keepass.info),
a free utility that keeps a database of your passwords and encrypts them so
that you only need to remember a single password to open the database.
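
What a random password generator does, shown with the character classes the post lists for a strong password. This is an added example, not code from the post or from KeePass; the function names and the default length of 20 are assumptions.

```python
import math
import secrets
import string

# Character classes taken from the post's definition of a strong password.
CLASSES = {
    "upper": string.ascii_uppercase,
    "lower": string.ascii_lowercase,
    "digit": string.digits,
    "symbol": string.punctuation,
}
ALPHABET = "".join(CLASSES.values())


def missing_classes(password):
    """Return the names of the character classes the password lacks."""
    return [name for name, chars in CLASSES.items()
            if not any(c in chars for c in password)]


def generate_password(length=20):
    """Draw characters from the OS CSPRNG until every class is present."""
    if length < len(CLASSES):
        raise ValueError("length too short to hold one character per class")
    while True:
        # secrets.choice uses the operating system's cryptographic RNG,
        # unlike random.choice, whose output is predictable.
        candidate = "".join(secrets.choice(ALPHABET) for _ in range(length))
        if not missing_classes(candidate):
            return candidate


def search_space_bits(length, alphabet_size=len(ALPHABET)):
    """Upper bound, in bits, on the brute-force search space for a random password."""
    return length * math.log2(alphabet_size)


if __name__ == "__main__":
    pw = generate_password()
    print(pw, f"~{search_space_bits(len(pw)):.0f} bits")
    # The post's two mnemonic examples, checked against the same classes.
    print("Fs@7ya lacks:", missing_classes("Fs@7ya"))
    print("fsasya lacks:", missing_classes("fsasya"))
```

The bit count applies only to passwords drawn at random from the full alphabet; store the generated value in the password manager rather than trying to memorize it.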