PUBLISHED MAY/JUNE 2018
by Chet Davis, Technology Teacher and Speaker —
Protecting your independent publishing business from hackers and piracy
Is your login on the list of the riskiest passwords? If you’re using “123456” or the word “password,” then the answer is yes. You’re using the two most commonly used passwords—and they’ve been in the top two positions for the past four years.
If you’re like many authors, you click on a half-dozen or more web portals each week, or maybe even daily. Every website you use, whether it’s your blog, social media platform, business bank, or author’s portal, all have a gateway. Usually, this is secured by a user ID and a password.
Think of your ID and password as the keys to your front door. Most of us keep our house keys in a safe place to make sure only trusted people may enter our home. Your passwords should be treated with a similar respect.
The two most common mistakes people make with their passwords are over-simplicity and daisy chaining. Let’s focus on remedies for these issues.
Remedies for Over-Simplicity
It’s understandable that you want to have passwords you can remember, but the reason we have passwords at all is to let you in and keep others out. Why do you need complex passwords? You might imagine a person sitting in a dim room somewhere overseas typing passwords to get into your bank account. But the cyber thieves have become very sophisticated. Hackers today use computer programs to try the common passwords to attempt entry into accounts they might find lucrative.
Many experts suggest staying away from any password that you’d find in a dictionary. And, for sure, avoid using names of your kids, your pets, hometown, favorite sports team, etc. Have you seen those Facebook posts asking their friends to share answers to questions? Often these posts allow a cyber thief insight to your passwords.
To avoid going crazy trying to come up with complex passwords that you’ll never remember, you can create your own. Here’s a system I believe you’ll find easy and effective: Come up with your own password by creating an acronym. It’s often easier to remember and more secure than most of the passwords many are using.
Let’s practice. Start with a phrase like “Authors share great ideas in books.” When you take the first character of the first word as uppercase and the rest of the acronym lowercase, it becomes Asgiib. Next, add two to four numerals. I’ll add 17 for the year 2017, the year I joined IBPA. And then end with a special character like an exclamation point. So my new, secure password is Asgiib17! That’s not in any dictionary, not tied to anything I post on social media or in any bio, and not likely to be randomly generated by a cyber thief’s computer program.
If you still bristle at the thought of a complex (and secure) password, consider using it on only one account. If it was just one account, I would make sure your primary email is protected. Here’s why: Let’s say a hacker gains access to your email portal, then they can click on any of your other accounts and use the “reset password” link. That will send the option to reset the password to your email, which they now have access to, and a cyber thief can control all of your accounts, changing the passwords at will and effectively locking you out.
This is sometimes done by hackers for ransom, other times to sell off valuable internet outposts to the highest bidder, and sometimes just for the fun of it. You may think this is a far-fetched notion from a Tom Clancy novel, but there are a number of instances where this has indeed happened to people.
Remedies for Daisy Chaining
With more secure passwords, you should also consider the number of your passwords. If you use just one password across multiple websites or services, it’s called daisy chaining, and it’s not a good thing. It’s recommended that you use a different password for each portal, especially your important websites. If a cyber thief guesses or purchases your login info from a compromised website and you use that same password across many sites, then they have access to your whole digital kingdom.
To become more secure, consider having different passwords for at least your most critical accounts. One for your primary email account, a separate one for online banking, and another for your website or blog. For those who have built a large following on a social media platform, a different password for each site is recommended.
Before you start rolling your eyes at my suggestion of multiple, complex passwords, there’s a solution, and it’s called a password vault or password manager. This is a service that stores your passwords and can also help create very complex passwords for each of your portals. And to access your passwords you need only remember one password, which opens the vault and auto-fills your login pages. Then you have just one vault password you need to remember, which you can make complex and highly unlikely a hacker or computer program would come up with.
Many of these password vaults also have options called extensions that you can install on your web browser to help you log in to your websites with ease. They also have apps that enable access when you’re using your smartphone or tablet.
In addition to holding your highly secure passwords, password vaults also prevent you from having to type in your user ID and passwords when you’re connected via public WiFi. That mitigates the danger from a hacker who might be on the same WiFi network as you and actually logging (watching or recording) your keystrokes.
Take this nine-question quiz to help you gauge the security of your online behaviors: surveymonkey.com/r/TechSecure
Taking Advantage of Two-Step Verification
Since we’ve secured your “house keys,” let’s make your “front door” is as secure as possible. Most security experts recommend you take advantage of two-step verification. I compare this option to the deadbolt on your home’s front door, a second lock which requires another set of keys.
Two-step verification can take several forms, but the most common is a text message that is sent to your mobile phone with a six-digit code. This one-time code is generated automatically when you attempt to log in and enter your password. After typing this code into a pop-up window to verify it really is you, you may then enter the website or portal.
So, even if a hacker gets your login ID and password, they must have this other info to get in, and since it’s usually sent to your mobile device, you’re often in possession of that.
As an author, technology is a wonderfully powerful tool that provides you with resources and opportunities that were not available even a decade ago. It’s an amazing tool set to help get your books and your brand in front of so many people.
Becoming more secure with the keys to your digital empire is important not only to your own financial and data security, but also as a means to protect the data of your tribe: your customers and prospects. To expose the contact info, payment card info, etc. of those people who you’re doing business with, or those you hope to in the future, will almost certainly put a damper on the relationship. By taking even some of these simple steps this week, you’ll begin utilizing these tools more securely for the good of your business and those you connect with.
Chet Davis a California-based trainer and speaker whose focus is helping people master technology tools. He is the producer of “Tech Tips for Experts & Authors,” video shorts on relevant technologies, and the author of a forthcoming book titled Practicing Safe Tech. You can connect with Chet and his teaching at TechForExpertsAndAuthors.com.
For more helpful tips to manage your publishing business, check out this IBPA Independent article: Essential Website Housekeeping.