Search the Community

Let me start this with a little cautionary tale. In Chicago in 2001 a new board spung un that had all kinds of features for hobbyists inluding a private Senior member board with a very good review database and a chat function that allowed hobbyists to communicate directly. The reviews were very useful and and kept private from normal users and providers. Everything was going well until it came out that the board owner was running a string of top providers (ASPs in TOB parlance), it also turned out that one of the most exclusive and influential providers in the City was his half sister. Another huge problem was that this guy had access to all users passwords and e-mail addresses on the board. Armed with this information the owner did some fishing and was able to gain access to several hobbyist's e-mail accounts because they used the same password for their VIP account that they used on their e-mail account. The worst part was that with this access the owner was able to send out e-mail from these hobbyists as well as read all their e-mail. Who they saw, where people were meeting what the rates were, etc. I am in no way suggesting that such a thing Could or would happen at TOB but it taught me some things about how serious password security is. My advice to all is: 1. Catagorize your online accounts. Personal financial, bank and credit cards. Online order accounts. Amazon and ebay, etc. Email accounts etc. 2. If you have a large number of acounts it isn't practical or always possible to have and remember different paswords for everythng. 3. Create seperate secure passwords for groups. 4. A super secretr and strong passsword for finacials, another for board memberships, another for online purchase accounts, a different one for e-mail accounts, etc. 5. Create strong passwords for everything, a strong password will have 8 characters minimum and contain characters from 3 of these 4 groups, lower case leters, uppercase letters, numbers and special characters. 6. Avoid common words or your name and birtrhdays. Jsanders1 is strong but not a good choice if your name is John Sandes. I like to use mashed up words, mneuminics and things with random dates. Ch!c4g0I would be gold and it's easy for me to remember chicagoil, D3n5erCO would be good for denver and JS0512tob or js0512TOB would also be OK. When using dates, choose something other than your birthday. Another might be ATF_Kate100. 7. given enough time and flaws in a security system meant to provide convenience, any password can be hacked given enough tries and time. Just don't make it easy. 8. Change your group passwords every 6 months. Pick passwords you can remember so you don't have to write them down. My advice, for what it's worth.