Sherlock's Case Files

Sherlock's Case Files contain miscellaneous postings from Skipp Porteous, president of Sherlock Investigations. Here you'll find investigative tips, testimonials, and tantalizing topics. Feel free to respond anonymously to any posting. NOTE: If you want to contact Sherlock Investigations, do NOT do it through this blog, use our email address:

Wednesday, September 19, 2007

Scam-proof Passwords

One night last year I swept an accountant's office in midtown Manhattan. By "swept," I mean TSCM, or an electronic surveillance countermeasures job, or, in other words, bug sweep.

I found a video camera hidden in a plant. It was easy to find because most plants don't have a wire leading to them. In this case, the owner placed the camera as part of his security system.

I was part of a team. The other part were Israeli computer geeks. They had a disk that they shoved into the computers in the office and, literally, in two seconds, uncovered all the passwords in each computer.

Most hackers and identity thieves don't have such sophisticated software. They don't need it. Many people use their pet's name, their first name, nicknames, "password", "123456," "qwerty," "abc123," "letmein," "monkey," their birthdate, or part of their Social Security Number, as their password. Hackers and identity thieves know this.

Obviously, any password stored on a computer is obtainable. However, the best passwords...ones that people cannot guess...are random passwords. Examples are: 4kC?l0*, or 4ilJH%, or #Ikn*M. These were created randomly by hitting different keys blindly.

Of course, if you have passwords like this, and I recommend it, you have to write them down, because you'll never remember them. Just don't tape them to your computer.


Post a Comment

<< Home