Boomeresque:Definition
1. Adj.: Describing a person born between 1 Jan. 1946 and 31 Dec. 1964
2. Adj.: Description of a person, place or thing possessing Baby Boomer je ne sais quoi
3. See also, Boomer, Esq.: A Baby Boomer who is also a licensed attorney (See, e.g., About).

What’s the Password? “Shhh, It’s a Secret”

by Suzanne Fluhr on August 29, 2013 · 31 comments

You can tell my husband Steve (a/k/a Mr. Excitement) and I have a good marriage because for 31 years, we have shared a home office. You can imagine my surprise one Saturday as we sat back to back at our respective computers when I heard this from “Mr. I Never Talk When I’m Working”:

STEVE:  Uh oh, I didn’t know you are stranded in London with no money and no credit cards.

ME:   Huh?

STEVE:  I just got an email from you, saying you were robbed at gunpoint and all your money and credit cards were stolen and asking me to wire you some money so you can pay your hotel bill and get home.

ME:  WTF!?!  (Language reserved for very special occasions).

About two minutes later, I received a frantic telephone call from my 87 year old mother. Her older sister, my great aunt, had called to tell her of my dire circumstances. She then received a call from one of our former babysitters, asking whether she should send me money since I was……

120px-IdeaAt this point, a light bulb finally went off in my head. Hel–lo!?!! Forehead slap. “My email has been hacked. I better send an email to all my contacts to tell them I am safe and sound in Philly and by no means are they to wire any money to anywhere”.

A quick check of my main email account revealed that it was no longer mine. The password had been changed. Facebook? Same thing. What did these two accounts have in common? The. Same. Password.

In fact, it was the same password I had been using for years, ever since I opened my first AOL email account back when it cost money to do that and when I thought our dial up modem was blazingly fast. (Yes, I am THAT old!) The first thing I did was open my on-line banking accounts. Whew. My accounts were still intact. I immediately changed the password. Wait a minute? What about my credit cards!?! No unusual activity — changed passwords. And so on, and so on. In fact, I changed 26 passwords and that was with skipping over some on-line accounts I wasn’t that concerned about. If you want to know which quilting patterns I’ve downloaded  — have at it.

This experience convinced me that 1) there are quite a few very kind, generous people who really would have sent the money if my plight had been real ,  and 2) I better educate myself about passwords. So, here is what I learned (with some help from tech blogger Andrew Tipp).

Be Suspicious and Use Common Sense

No, there really is not a Nigerian prince who wants to send you a check (cheque) for one million dollars (or euro or pounds or fill in your currency) if you would only wire him a mere pittance so he can regain his crown. But, you knew that. Right? You immediately deleted that email.

Most institutions dealing with money these days have robust fraud divisions. If you have any doubt about an on-line (or other) request for information, contact them, using a telephone number or email address that you obtain elsewhere—not from the email you received requesting information.

Do not send sensitive information through a website that doesn’t start with “https” — the “s” stands for “secure”.  Plain “http” is fine for reading Boomeresque, but not for sending me your Social Security number. —– Wait. Stop. I don’t really want you to send me your Social Security number. No. Remember, I’m not really in London.

Use Strong Passwords

“Suzanne123” is not a strong password. “DinoIsTheBestDog” is not a strong password. The strongest passwords are at least 12-15 characters long and contain a random mixture of capital and lowercase letters, numbers and symbols. Even the strongest passwords can be “guessed” by sophisticated computer programs, so passwords should be changed as frequently as possible. If you want to become really twitchy about password strength, read this Wikipedia article on the subject.

Use Strong Security Questions

If your user name for an account is “Your Name” and your security question is “Where were you born?” and if that information is readily available in the public “about” section of your Facebook page — this is not good. If you have ever had to use the “I Forgot My Password” feature of a website, you know that having access to your email account (like maybe because you left it open on the computer you used in that cute internet cafe in Istanbul) and knowing where you were born will be enough to give some nefarious character access to most of your other accounts.

Use a Password Management System

I am not referring to keeping your passwords on sticky notes attached to your computer. (Ahem, you know you just looked at them.) However, you now have multiple strong passwords you can’t possibly remember. (This is not just a Baby Boomer problem. At any given moment, the average Millennial is likely to have ingested more mind altering substances more recently than Mr. and Mrs. Excitement.) A Password Manager is software used to store your different passwords for the ever-increasing number of password protected sites you need to access. A good Password Manager will generate strong passwords for you. When you access a site, the Password Manager program fills in the correct password for you. This feature can also protect you from “phishing” sites because the Manager will not recognize the fraudulent version of the site. Using a Password Manager means you only have to remember one password. Password Manager software uses many techniques to safeguard your password stash. Caveat: given that any system designed by humans is — well, human — I’d probably still keep my bank password outside the Manager.

Protect Yourself

Even if you are not running an Iranian plutonium enriching centrifuge facility, you should be running an up-to-date anti virus program. Making sure your computer is up to date with the latest in antivirus software can protect you and your information from would-be hackers. When your antivirus program asks for permission to update itself automatically — say “yes, please do”.  While you’re minding your own business, living your everyday (but important) life, somewhere a bad geek (as opposed to your nephew) is trying to infect your computer with a virus. Why? Because he (and it does always seem to be a he) thinks it’s fun and he can sell your information.

Be Prepared

In other words, “Just because you’re paranoid, does not mean they are not out to get you.” Be prepared for anything, such as having your account hacked and losing access. Ensure you know the support contact information for all your relevant sites, and store them on/in an alternate location you can get to easily (possibly on a flash drive or in an old film tube with the extra house key in that fake rock outside your house). In an emergency, this will enable you to alert them to your problem. And, whatever you do, BACK UP YOUR COMPUTER(S) some way, some how.

So Here’s the Good News — The End of the Password

Now that you’ve been reduced to whimpering in the fetal position, word around the campfire in online geek circles is that the current authentication system of  user names and passwords will eventually become obsolete. It will be so much easier to have you retina scanned than to try to remember and protect your passwords.

Having said aaallll this (seriously violating the short blog post rule), my parting warning is: REMEMBER, EMAIL IS LIKE SKYWRITING. If you don’t believe me, ask David Petraeus or Edward Snowden.

About Andrew Tipp

Andrew Tipp is a writer, blogger and editor working in digital publishing. He blogs for The Huffington Post about tech and culture, and is interested in how fast-moving technology is changing our lives. Andrew is also interested in web trends, pop culture and social media.

jpeg

Do you have any computer security suggestions? How worried are you about the privacy of your cyber information?

{ 31 comments… read them below or add one }

Patti August 29, 2013 at 11:20 am

Great post Suzanne! Fortunately, (knock on wood) I’ve only been hacked on Twitter – I don’t think of that as particularly important, just annoying. I have several “strong” passwords that I rotate through. I too used to use 1 password for all accounts but I stopped doing that a few years back. Now I have my mainstays and I reset and rotate every few months. I always think that if the hackers would use their ingenuity for good – what a world it would be!

Reply

Suzanne Fluhr Suzanne Fluhr August 29, 2013 at 2:28 pm

I just try to remember that anything I put on line is out there. Unfortunately, our own computer security and privacy settings are only half the story. If we use the internet to make any purchases, our info is on someone else’s computer. If the NY Times can be hacked, the rest of us are pretty much toast. Having said that, I’m impressed by my credit card’s fraud detection. They have picked up on even small charges that I didn’t make, checked with me to determine that someone else (overseas) had accessed my account, cancelled the charge and sent me a new credit card.

Reply

Poppaea August 29, 2013 at 2:58 pm

I don’t think that I’ve ever been hacked. I like to think hackers see that I am sooooo pitifully technologically incompetent, AND poor, that it’s not even fun to try to bleed anything out of me. I have thought of it tho & try to use a security question that wouldn’t be obvious upon basic scrutiny (“Let’s see: where does she say she’s from on Facebook? Ah! the answer to the ‘What’s your hometown?’ question”).
I REALLY hate that I have to “create an account” for everything. Pretty soon we’ll have to do that to use public restrooms. Or maybe that’s the “Logan’s Run” scene where we can just scan our hand. Or, better, one of my favorite commercials where the supermarket checkout person is trying to scan the bar code on a guy’s forehead!

Reply

Suzanne Fluhr Suzanne Fluhr August 29, 2013 at 3:14 pm

Nice, Poppy! I hope people don’t think I’m insane if I start chuckling the next time I’m at the supermarket, thinking about everyone walking around with bar codes on their foreheads. This might not be so far-fetched. You know how we now pretty much need social security numbers almost at birth — what if everyone just got a barcode tattooed somewhere. Strike that. Then, the hackers will be kidnapping us for our info.

Reply

Andrea August 29, 2013 at 3:35 pm

In addition to the Saudi/African/Asian, etc., royalty who just absolutely needs your help, or that long-lost family member in a foreign country who is holding your inheritance, let’s not forget about those too-good-to-be-true emails we get from what appear to be legitimate sources. Someone I know (not mentioning names, but I married him…) once received an email for an incredible deal on a brand new iPod (before iPhones were all the rage). Seeming too good to be true, but it must be true because it came to his work email, he jumped on board and “bought” one. Weeks went by without ever receiving the item, and after *finally* doing some research on the vendor, it turns out it was a scam. It wasn’t just any scam, though; this scam was being masterminded from three separate locations in the U.S., with one of the ring leaders having a very lovely multi-million dollar home and multiple luxury vehicles. At the end of the day, no money was ever reimbursed, but luckily the bank account remained in tact. Less learned by my unnamed friend (read: husband) is that you should never trust an email from an unknown source, no matter where it’s sent to or how great that offer may be. Thankfully it only cost $125 for him, but not everyone is that lucky!

S – Not sure if you knew this story already, but I felt the need to share with your readers!

Reply

Just One Boomer (Suzanne) August 29, 2013 at 9:01 pm

Hmm. It sounds vaguely familiar…. This is another good reminder that “If it sounds too good to be true — it probably is.

Reply

Neva Fels August 29, 2013 at 3:55 pm

It’s interesting to read how many people have been hacked or had fraudulent use of their credit cards. I guess the hackers know that most of my relatives are cheapskates and would implement the tough love factor, if I was stranded.

My credit card was fraudulently used recently. My card company knows I don’t use “high priced makeup” and called immediately. (Sigh) I’m embarrassed to say that my last makeup purchase was at Wal-mart. I was hoping the card company would work with me, since I had a good idea where the card’s numbers were stolen. They said “call the police, they weren’t interested in prosecuting the restaurant.” Hmmm.

Reply

Just One Boomer (Suzanne) August 29, 2013 at 9:08 pm

Don’t be embarrassed. My last make-up purchase was an eyeliner at CVS. Penny wise and pound foolish. I had to throw it away after one use because it felt like my eyes were infected. I’m not surprised the credit card company didn’t want to go after the restaurant from where you thought your credit card number was stolen. You’d probably be better off alerting the owner — unless you think the owner was responsible. In almost every other country we’ve visited, at restaurant’s, they bring the credit card reader right to the table and you never relinquish your card.

Reply

Glynis Ellens August 29, 2013 at 11:07 pm

Great post, Suzanne. Guess I’m going to have to get one of those password management systems tomorrow. No-one could ever remember all those different passwords. Thanks for the prompt!

Reply

Just One Boomer (Suzanne) August 29, 2013 at 11:50 pm

Unfortunately, Glynis, I managed to freak my own self out writing this post. If only it were just the US National Security Agency (NSA) that wanted access to my computer.;-)

Reply

Jeannette Paladino August 29, 2013 at 11:18 pm

Passwords can be a pain in the neck to keep changing. But when my email was hacked I stopped using the same one for all my accounts. I bought a password storage account – but can’t figure it out. So they are all on index cards.

Reply

Just One Boomer (Suzanne) August 29, 2013 at 11:53 pm

Jeannette, what do you do when you travel? Do you carry all your index cards around? I came up with a one sheet table that has my passwords with very cryptic prompts for me to remember the passwords. This is probably quite dumb. My I ask which password storage account you bought? Is it one where the passwords are stored on your computer or in the Cloud?

Reply

Irene August 30, 2013 at 12:46 am

Great post! So sorry!

Reply

Just One Boomer (Suzanne) August 30, 2013 at 1:53 am

Irene—You don’t have to be sorry. I wasn’t really held up at gunpoint — in London. 😉

Reply

Mike August 30, 2013 at 3:26 am

For starters, Suzanne, you had me at “WTF!?!” because that caught me off guard from you and made me smile. Then the forehead slap made me giggle. BUT, this post was fantastic in the very stern warning and advice you offered as I just went through a password overhaul myself after the darn Twitter debacle I mentioned a few weeks back. And I mentioned it again briefly in my latest post. We’ve learned a lot about passwords where I work and I actually got an in depth course many years ago when I was on a computer project for my same place of employment over all of these years. Just like you said it’s so important to be vigilant. Great reminder for everyone! 🙂

Reply

Suzanne Fluhr Suzanne Fluhr August 30, 2013 at 7:15 am

Thanks, Mike. This is why people should not use a curse word as every other word. They lose their effectiveness. Save them for “special” occasions. Of course, sometimes entire days are special occasions. 😉

Reply

Debra Yearwood September 3, 2013 at 2:46 pm

What a funny and informative post. I have received the call for help email about a friend, but since she is with External Affairs I was somewhat suspicious of the idea that she could be stranded and looking for money.

I won’t say how often I thought, “that’s me” as you listed what not to do, let’s just say I now I have homework to do.

Reply

Suzanne Fluhr Suzanne Fluhr September 3, 2013 at 3:09 pm

Thanks for your comment, Debra. Let me just put it this way — I clearly write from rueful experience — and I could add, “Do as I say, not as I do.”

Reply

Madaline Fluhr September 5, 2013 at 11:32 am

So, do ya think your post triggered your readers????? You have raised a topic that is so discomfiting that I rapidly moved into avoidance mode. Okay – I admit it – I am STILL in the fetal position you refer to after reading this post on August 29. Hence my delay in responding…..(It’s hard to type in the fetal position!) My general low-grade-chronic-sense of being “cyber-stupid” has now been upgraded to Red! (oh yeah, they did away with that terror-alert system of alarming us, but you get my drift – ALARMED being the operative word.) As you know, I run a business from my computer – so I have no excuse not to be up, up, up on this stuff. I will be reviewing this blog post with Eddie in tow to “evaluate” our “sitchyation”. I will keep you “post”ed. Really, at this point, I just want my mommy….

Reply

Suzanne Fluhr (Boomeresque) September 7, 2013 at 9:34 pm

Mads, seeing as how we’re related, there’s a chance our “go to” password is the same, but obviously, I’m not telling you what that is!

Reply

Arleen September 6, 2013 at 3:13 pm

I had a similar thing happen to me. My email wasn’t hacked but a friend of mine email was hacked. I got an email saying that she had to take an unexpected trip out of the country and that she had been robbed and needed money to get home. Being naive I believed the story. I was given a address, her name where to send the money by Western Union. I even called Western Union to find out their policies of how to send money. I guess until I figured it I was lucky this came in over the weekend. The more I thought about it I knew this woman runs agility and called another friend and asked if she was at the trial. Sure enough she was. When she got on the phone, she said her email had been hacked and wanted to know what country they wanted the money to be sent as there about 10 of them.

Very good post as I don’t think people realize the problem that exist from Hackers. Strong passwords do help.

Reply

Suzanne Fluhr (Boomeresque) September 7, 2013 at 9:36 pm

Arleen, the day after I published this blog post, I received one of those “I’ve been robbed, I’m stranded” emails. I didn’t even recognize the name. Hackers just send out emails to everyone on the hackees email contact list — so it might even have been a plumber I used years ago—who knows. If this ever really happens to a loved one, they’re in trouble, because as soon as I read the scenario, I hit “delete”.

Reply

Alison at Diamond-Cut Life September 8, 2013 at 11:31 pm

Valuable information. Thank you Suzanne. I also like that you’re transparent about compensation. This post was a real public service.

Reply

Suzanne Fluhr Suzanne Fluhr September 9, 2013 at 6:43 am

Thanks, Alison.The Federal Trade Commission mandates transparency about compensation, but I’m not sure all bloggers have gotten the memo or else some have filed it in a virtual circular file somewhere. Advertisers try to push their versions of content, but I can’t work with them unless I’m free to do my own research and writing. I use their “anchor text” as a writing prompt.

Reply

Robin September 14, 2013 at 1:01 pm

I downloaded the password protector that was mentioned in this blog post. I had read it when you first put it out but forgot about how to go about it. I recently had my account hacked in the middle of interviewing for jobs and emails were sent to some of the people who were interviewing me. So embarrassing!

Reply

Suzanne Fluhr Suzanne Fluhr September 14, 2013 at 4:05 pm

Oh man, I hate it when that happens. But, I think people are understanding now that we are all vulnerable. I’m sure we’ve all received emails via hacked accounts at this point — including the people interviewing you.

Reply

santafetraveler October 4, 2013 at 11:32 am

Love the humor in this but also the great information. We have our own password management system as I worry about the ones I’ve been offered by some of my online service providers. What if they get hacked? I have some sites that I have Firefox remember the passwords for- but none of my financial site passwords are stored.

Reply

Suzanne (Travelbunny) February 25, 2014 at 5:15 pm

Great post – I think my passwords need an overhaul after reading this! Useful tips too, thank you.

Reply

Suzanne Fluhr February 26, 2014 at 6:24 pm

The more I learn about internet security, the more I think it’s only a matter of time before there’s a cyber disaster bigger than the ones we’ve already experienced. Basically, no matter what we do, we need to keep in mind that anything we put out in cyberspace, including password protected “private” emails, might as well be sky-writing.

Reply

Karen @BakingInATornado April 11, 2014 at 9:52 pm

I think about all the time hackers spend trying to harm others and, if they’re that smart, how much good they could be doing with that time.

I’ve not been hacked (yes, I’m knocking wood), but I have had my bank email me saying that my internet access was frozen until I changed the password because someone had tried to access the account 3 times unsuccessfully (after which the bank automatically shuts off access). I was shaking (both times, this happened twice) as I set up a new password. This was absolute proof that someone was trying to get into my bank accounts, scary as hell.

I’d never heard of password manager. I have a document where I keep all of my passwords. I’ll have to check out those options.

Reply

Suzanne Fluhr Suzanne Fluhr April 11, 2014 at 10:10 pm

Thanks for your comment. If your passwords are on a document in your computer, this obviously presents a problem if hackers access it, unless they are cleverly disguised so only you know what they mean.

Reply

Leave a Comment

Previous post:

Next post: