Password Security – Protecting Your Niche Properties
We’ve all done it. Using our favorite pet, our name, birthday or other simple password. It’s foolish and, if you’re building lots of properties online, downright dangerous. This is especially true if you share passwords with business partners, employees, or (gulp!) outsourcers.
I’m not going to go into basic password strategy here as it’s a bit outside the scope. Just as a reminder though, passwords should be at least 10 characters long, not be a common word from the dictionary, or something easy to guess by knowing you (i.e. the sugary syrup treat you love).
They should use a combination of uppercase/lowercase letters, numbers, and special characters (no not the crazy European ones, just the ones over the number keys). If you’re curious, check this out to find out how long it might take to crack your password! (Don’t use a similar password to any actual password you use…just in case!)
There are two types of password strategies you can use to keep your passwords secure. It really depends on the situation you are in. They can be used in combination to great effectiveness. Done properly, it will be nearly impossible for a hacker to guess or crack your password. That means no favorite candies either!
OK, I really hate the idea of a shared account but they are sometimes unavoidable. Especially when you have a crew working on your sites, there are just some resources you have to share. For instance, your Fiverr account. Or perhaps Copyscape. I really do wish services like this would provide for sub accounts, with more limited control, especially since most of their customers are using them not only from multiple systems, but with different people.
Still, feature requests go unanswered and shared accounts are the only way to use these resources. You can use a simple secure and unsecure password. Unsecure passwords are for shared accounts and should never be used for banking, personal, or any sensitive information. Think of your unsecure passwords as a lock many people have a key to, while your secure passwords are for you and you alone! Never share them with anyone!
My preferred method of access is individual accounts, each with there own password. Take WordPress for instance. You can create different accounts all with varying levels of access depending on features and functionality users need to access. However, having one password across multiple sites is dangerous. I know what you’re thinking — Joe, how can I remember a new password for every site? The secret, my friends, is in the code.
Yes, you can use a code to have a different password for each site. A formula, based on the domain name, that allows you to have a unique password for each and every site. Let me give you an example using AdSenseFlippers.com.
- First off, vowels can be replaced by special characters or numbers, as in @ds3ns3fl!pp3rs
- The TLD (or the part of the domain after the dot) can be brought in front of the password and capitalized, as in C0m@ds3ns3fl!pp3rs
- A unique identifier can be used to start off the password based on the end of the domain name, as in S5$C0m@ds3ns3fl!pp3rs (in this case I took the last letter of the domain name, “s”, and used it three times to start off the password with it’s number and symbol replacement)
- Finally the password can be truncated to 10 characters, as in S5$C0m@ds3
This formula can be varied greatly to fit you needs. Be creative. Have some fun with it. Perhaps you could use a set of your favorite fictional characters (or ex-girlfriends/boyfriends) based on the first letter of the domain. You could also introduce some real randomness to your passwords based on month for passwords you change often.
Now if you share accounts, you could have one unsecure formula you share with others so those sites do not have the same password. Then you can have one internal formula you use for your own accounts that you do not share. Should one password be cracked, the formula would be difficult to crack and only one site would be compromised.
This might seem overly complicated, but once you have your own formula it becomes extremely easy to come up with a secure and unique password that you can’t forget. I highly suggest this method for banking sites and email as those usually contain very sensitive information.
What about you? How do you secure your sites and passwords?
Editor’s note: Just in case your wondering why you should have an individual secure password for each site, take a look at these password recovery speeds from some real frightening evaluations of how long it takes to crack easy passwords.