Passwords are alarmingly vulnerable.
Senior editor of The Atlantic magazine and website, Ta-Nehisi Coates, gives a few pointers on password security in his articleThe Art of the Password.
When freshman Sania Rahim opened up her iTunes account over Fall break, she noticed that there was a $50 purchase on her account that she hadn’t made.
“It was such a wake up call for me because I realized that someone could have made a more substantial purchase,” said Rahim. “I’m a very private person, so I feel uncomfortable with all these people having access to all my information.”
Coates suggests using a long, familiar sequence of words with spaces. Hackers’ computers cannot tell spaces from characters and have a harder time decoding these types of passwords.
If a long password is too much trouble, Coates gives the use of non-English words in a shorter sequence of words as an alternative. These are hard to guess and using numbers of characters adds another level of protection.
Gibberish passwords like "V*!amYEg5M5!3R" can be generated by programs like LastPass but these can be hard to remember.
It’s important to store these somewhere secure, Coates emphasizes. A piece of paper in a wallet is usually sufficient, but online managers like LastPass and RoboFarm are safer. These corporations store parts of the encoding information in different places so if the main sites were ever compromised, a hacker wouldn’t have access to all the information that clients give them to keep safe.
John Smith, Office of Information Technology analyst, said that password security is not that big of an issue at Duke.
“We’ve gotten several requests about passwords but it’s not too often," Smith said. "Maybe once every two weeks."
Smith explained that this is because the password requirements for official Duke accounts are very stringent. Passwords must be at least seven characters long, cannot contain a dictionary word and must contain the uppercase and lowercase and either a number or special character.
For added safety, Coates recommends using different passwords for different things. However, having too many passwords can be hard to manage.
After her iTunes account became compromised, Rahim changed the way she operates online.
“I guess this is stupid, but I used the same password for everything before,” Rahim said. “Now I have different passwords for everything and I have to keep track of all my passwords.”
As a way to simplify this, Coates said, “The guide should be: any site that matters needs its own password—one you don’t currently use for any other site, and that you have never used anywhere else.”
Rahim has figured out another way to cut down on the number of logins she has. An online shopper, she has stopped creating accounts that store her credit card information. Instead, she makes purchases through guest accounts if they are available.
She said that she is also very conservative in what she shares on social media and has a lot of privacy settings set on her Facebook account.
Despite her cautions, Rahim pointed out, “People can save photos and share links if they want. Internet security is pretty much nonexistent.”
Get The Chronicle straight to your inbox
Signup for our weekly newsletter. Cancel at any time.