If you live anywhere in the Midwest and grew weary of the bitter cold weather we experienced at length this Winter, you’re probably like me and are soaking up the warmer temperatures, the appearance of beautiful flowers and the smell of freshly cut green grass.  Dare I say it: Winter may finally be behind us.   No longer trapped inside, my wife and I decided that our first spring project would be to clean our garage out (thoroughly).  This would mark the first time in ten years (yikes!).  Anyone who has done a serious garage clean out or a closet clean out or a basement clean out understands how hard it is to fight the urge to hold on to everything.   I suppose there is a level of comfort in holding on to things “just-in-case” or “just because”.

Like our garage cleanout, Spring and early Summer are often the times when outdoor projects get accomplished.  The projects may seem daunting at first but when completed, they are also very rewarding.  As I marveled at our clean garage (“It’s brand new!” said our 3-year old), I began to think about the digital world. Like me, so many people are lining up their Spring and Summer outdoor projects, and we should also consider investing time this Spring to do an ‘online clean out’ of sorts.

The clean out I am suggesting relates specifically to cleaning out (deleting) all of our current computer passwords and changing them to new and stronger ones.   With all of the eye opening news surrounding the Heartbleed security flaw last month, there is no better time than (right!) now to start this online project.  And while it may be easier and provide a level of routine for you to simply hold on to your existing passwords, I strongly urge you to fight that urge (complacency!) because there is great reward and security in accomplishing this task.

Regardless of the scope of the project, it is also best if you know where to begin and hopefully the information below will assist you in getting started creating and maintaining new passwords.

1. Avoid common passwords.  Commonly used passwords include, ‘123456’, ‘password’, ‘111111’, ‘qwerty’, ‘abc123’, ‘iloveyou’, ‘admin’, ‘123123’, ‘monkey’ and ‘sunshine’.  According to a recent study, it is reported that the 100 most commonly passwords make up over 60% of all passwords.  Don’t kid yourself; cybercriminals are fully aware of our lazy practices.

2. Steer clear of personal passwords.  When creating passwords avoid passwords that are based solely on personal information about yourself or your family and that can be seen readily online on your blog, social networking site (ie. Facebook), etc.  For example, if you post a picture on Facebook of your new puppy ‘bernie’, I suggest that you do not change your password(s) to ‘bernie’.

3. Take the extra time to create a Strong password.  Strength of a password is measured by a combination of its length and complexity (mixing in numbers, letters, capitals, symbols, etc.).  And believe it or not, length plays a bigger role in password strength than complexity.   Passwords should be at least 8 characters in length but 12 characters or more should be the norm (I’m serious!).  Also, don’t use one word passwords. Believe it or not, 90% of passwords used by all of us today are considered weak.

4. Get creative when arriving at passwords.  I feel that individuality can make creating strong and easy-to-remember passwords enjoyable, especially when sharing the importance of strong passwords with small children and even young adults.  For example, my oldest son really enjoys playing Mario Kart on his DS.  If he used a password like “mariokart”, it wouldn’t pass any of the tips I listed above.  But, what if we got creative and established a password like “Mari0K&rtS3v3n4DS”.  Something he could be trained to remember (do not underestimate a child’s capacity to retain information!) based on something he enjoys and yet we have also establish a strong password.

Given the tips and suggestions above for creating passwords, below are some tips on how to keep your passwords secure. Most of them may be seen as “common sense” but research proves that they are not being practiced.

1. Don’t share your passwords with others.  A good rule of thumb may be to treat your password like your house key.  It’s probably best not to share your house key with all your neighbors and friends at school and work.

2. Never text, email or post your passwords online.  Any time you share your passwords in this fashion you are essentially allowing full public access to your account information. Using the example above, it would be similar to leaving your front door wide open when you leave home or go on vacation.

3. Change your passwords regularly.  The hard truth is that no password is truly secure.  Simply consider the discovered Heartbleed flaw.  You also have the human element (socially-engineered schemes, phishing attack victims, etc.).

4. Use different passwords for different sites and activities.  As the saying goes, don’t to put all your eggs in one basket.  The same can be said in relation to passwords—do not use the same one for everything.  It’s easy (lazy) but can cost your dearly.  If you happen to get tricked into sharing or entering a password or an e-commerce site falls prey to hacking, you will not have all of your various accounts exploited if you have various passwords. 

While I referenced this as a Spring project, changing your online passwords must happen more than once a Year.  A better suggestion may be to change them as often as we do our bed sheets.  This may have varying time spans, depending on if you are in college, living alone, or running a home, but all the same—you get my point.

I know that there is an amount of work in keeping up with new passwords, but it’s worth it!  Getting hacked stinks!  (To put in mildly.)  When night falls, most of us lock our car doors, deadbolt our front door and shut the garage.  Why wouldn’t we take the time to complete a few routine steps in order to keep our online affairs private and secure as well?  Make it fun and use capitals, symbols and numbers.  Set an alarm on your phone for once a week, month, or Season.  Any increase in switching them up and making them stronger is a bonus to your personal online safety.

The funny thing about this practice (changing your passwords) is that you already know the rules and how it can benefit you.  Just to be sure, let’s take a small quiz in honor of the School Year wrapping up soon:

When I create my next password, I will (a) Seek a group consensus from my closet friends (b) Use my new baby daughter’s name, which I have just introduced to the Facebook world (c) Make it easy on myself and go with my usual go to “password” password or (d) Establish a creative combination of numbers, letters, and symbols that would be at least 12 characters long, and would be most likely known only to me.

If you said “D”, you are correct.  I know most of you are correct in understanding this principle, and it is time now to begin our Spring Cleaning of passwords.  Like any Spring project, you will feel great when it’s finished, and this project may just save your bank account, credit card or social media outlet from being compromised.  Happy Cleaning!