Ask most people where they should be sure to use a strong password (see below) they will say "online banking", or maybe "ecommerce shop account" Very few will say: "my email account."
STRONG PASSWORD INGREDIENTS
- 8 or more characters
- upper and lower case letters,
- at least 1 number,
- at least one punctuation mark,
- not made up of words found in a dictionary
And yet, our email accounts are the first line of security for opening a new online account, or resetting your password. A hacker who has guessed your email account password can go to your facebook account, slab500 account, online shopping accounts, all of which are referenced in your emails, and click "reset my password." At that point, your password, or a new password is sent to your email address. The hacker checks your email, resets your passwords, and at that point, at least online, they are effectively - you.
This is why it is very important to change your email password regularly. And to use the guidelines above to create a password that is difficult to hack. The problem with these passwords, of course, is that they are very hard to remember. Luckily, there are some applications for the mac and for windows machines that keep track of your more complex passwords for you. 1Password is a good app for this purpose. You set it up, and it remembers all of your online usernames and passwords. It keeps this information encrypted on your machine, behind 1 password that you have to remember.
One method for creating a password that is more secure is to use the initials of a phrase of words. For example
One Smart Fellow, He Felt Smart, Two Smart Fellows They Felt Smart
Can be converted to the password 1sFhfS2$fTfs - or something like that. You pick a phrase, and decide how you want to add caps, letters and punctuation. The phrase sticks in your memory, and there are no dictionary words. Experiment. See if you find something more secure than your current pet name / birthday / 123456 combo.
And hey, let's be careful out there.