Final Four Tips for Password Security

April 01, 2015
By: Peter Bernstein

If you are like most people in the U.S. the past few weeks, you have been caught up in what is known here as “March Madness.”  This is the annual ritual where in conjunction with the National Collegiate Athletic Association (NCAA) tournament to crown a national basketball champion, fans and even non-fans get caught up in joining office and online pools to pick the winners. 

It is an exercise that not only consumes a lot of time picking potential outcomes but is responsible for an incredible amount of what many might call “non-productive” time at work. It never ceases to amaze just how much time and effort goes into people discussing their picks and watching games via streamed video on their office devices.  For those of you who do not live in the U.S., be assured this is huge and it truly is madness. 

As a quick aside, I will admit that I am one of those people.  I must also confess that due to a series of really bad picks in the early rounds I do not have the teams that are in the Final Four that will compete for the championship this coming weekend.  In fact, my best ranking at the moment is 400,350th.  Plus, in case you thought I have special insight now as to which team will prevail, I do not.  There will always be next year.

Now back to the matter at hand. Many people participate in multiple “brackets.”  Where this becomes substantial is that there are millions of people who go to several websites that sponsor pools. They fill in the maximum brackets that can be entered.  Where it becomes interesting is in the number of places that people login to participate, i.e., provide an entity with personal information.  And there is the rub.

In our zeal to participate we don’t think twice about handing over our personal information. Reality is that it is more than likely safe to “play” on most sites with pools, the Final Four presents a nice opportunity to remember that we have responsibilities to protect our logins from being compromised.

With this in mind, the good folks at Roboform passed along four tips that you should consider while watching the games in the next few days.  In their words, here they are:

Tip 1- Change Sensitive Passwords with the Seasons

An easy way to remember to change your passwords every 90 days or so is to coordinate it with the changing seasons.  If changing them all seems like too daunting of a task, you should at least change the passwords to your bank accounts and credit cards at this interval.

Tip 2- Log Off When Using Shared Computers         

If you must use a shared computer in a public place, be sure to log out of your accounts before getting up.  Also, be careful about which logins you access from shared computers- you never know what kind of malware might be installed!

Tip 3- Generate Random, Secure Passwords for All Logins

Roboform sees it over and over again—people using simple passwords that are the same for most (if not all) of their online logins.  End the madness!  Use a random password generator, whether it is part of a password manager or a standalone tool.

Tip 4- Never Write Down a Password

This is a technical foul!  While it may seem convenient, writing down your passwords/ user names is a big no-no.  Not only can you easily lose your “cheat sheet” and be locked out of your accounts, but someone else could gain access to them.  As we always say- use a Password Manager!

I use a password manager because I tend to forget this information due to the number of places I go and the number of times I follow best practices.  This is way too much information to keep track of manually and clicking the “remember password” request on the browser is nice, but not enough to keep bad things from happening.

Today is April Fool’s Day, but this is no joke.  We all have access to capabilities that can act as strong deterrents to our personal information being compromised and should take advantage of such tools. 




Edited by Dominick Sorrentino