More and more often, travelers are using electronic devices as essential travel aids for planning and while on their journeys. Travelers use them as navigation guides, to make hotel and meal reservations, to check flight status and to store itineraries for reference, as well as store travel documents. Much of the information contains sensitive and personal information which could be used for identity theft and worse.
The most common method to secure online and application information is password protection.
According to LassPass, a software company which sells a premium password management system, a survey they conducted showed that 95 percent of computer and electronic device users share up to six passwords with others, even though they acknowledge that it’s risky to share passwords.
Upon reviewing the survey results, LastPass stated,
“Most shockingly, only 19 percent of respondents say they don’t share passwords that would jeopardize their identity or financial information, leaving 81 percent of people who would share those passwords.”
The survey also pointed out two devastating statistics. Forty-three percent of people surveyed shared financial institution passwords such as for banks, securities companies, etc., and 73 percent of those surveyed said they most likely wouldn’t reset their password after sharing it with someone. These are practices which virtually invite account security breaches.
Passwords should only be shared in case of an extreme emergency and should be changed immediately after their use has been shared.
Even if you don’t share passwords, too many people use short passwords and those containing names of children and spouses, birthdates, addresses, regular words, etc., which makes them easy to crack.
Password security starts with choosing a good password.
Microsoft, in their article, The Importance of Using Strong Passwords, explains that passwords should not contain one’s username and should contain characters from at least three of the following groups: lowercase letters, uppercase letters, numerals, symbols. I recommend that all passwords should contain characters from each of the four groups.
C-Net, in their article, The guide to password security (and why you should care) gives travelers further guidance that passwords should be “free of repetition, dictionary words, pronouns, IDs, and any other predefined number or letter sequences.”
In my experience, most financial institutions require passwords to be just eight characters long. The C-Net article recommends passwords be at least 16 characters long.
I decided to test strong passwords of various lengths following the recommendations of Microsoft and C-Net using the website, How Secure Is My Password, to determine how important password length is to password effectiveness. I found it was estimated that eight character strong passwords could be cracked in less than a day, twelve character ones in 30,000 years, and sixteen character passwords in about a trillion years, using today’s computers.
Password length is critical to protect your identity and data security, and should always be at least twelve characters long.
Each application and website should be given a unique password. If you use a password multiple times you give a hacker who has cracked just one password, immediate access multiple locations holding your private information.
Lately, some websites began offering a two-step login process. While this may seem like overkill, I highly recommend it for logging into banks, credit card companies, stores and other financial institutions. If available, two-step logins add an extra layer of protection for sensitive information. Twitter has two-step login available now. After you login with your username and password, Twitter sends a code by text message to your cellphone. You then type in the code to complete the login.
No one can remember multiple 12 character, strong passwords. While you used to be able to write down your passwords on a small piece of paper kept in your wallet, these days, that’s become impossible.
I recommend two methods of keeping track of your passwords: a password manager and a password protected file stored on a secure memory key.
If you use strong passwords, which I highly recommend, you’ll create passwords which are long and difficult to memorize. A quality password manager eliminates the need to memorize passwords as they securely store them and fill them in for you at log-in. I use LastPass as my password manager. Other good ones are Dashlane and Roboform.
As a password list backup, I keep a password protected file on a secure memory key. While traveling, I keep it with me at all times. It’s never packed in checked luggage. As it’s a secure memory key, it has an extra layer of protection if it’s lost or stolen, beyond the password protection of the password list file itself.
There is no doubt that there is no hack-proof, crack-proof system or methodology to protect your identity and data online or in applications; however, the better the password and protection used, the less likely you and your personal information will be compromised.
After many years working in corporate America as a chemical engineer, executive and eventually CFO of a multinational manufacturer, Ned founded a tech consulting company and later restarted NSL Photography, his photography business. Before entering the corporate world, Ned worked as a Public Health Engineer for the Philadelphia Department of Public Health. As a well known corporate, travel and wildlife photographer, Ned travels the world writing about travel and photography, as well as running photography workshops, seminars and photowalks. Visit Ned’s Photography Blog and Galleries.
