I’ve talked about the importance of strong passwords many times before. You can find several articles with this site’s search feature, or you can just read this quick rundown:
- Short, single word or short-word-and-a-number passwords are bad
- Passwords like “123456” and “password” are very, very bad.
- Passwords that are over 16 characters and consist of garbled strings of letters, numbers and special characters are good (“*#&uE9efh09efIUN98E(Ubdf%%23r” for example)
- Never use the same password for more than one website, and use a password storage program like Lastpass to help you maintain your sanity
Whenever I bring up passwords, though, I’m almost always talking about things like online banking, social networks, email accounts, and other websites where your credentials need to be kept confidential. What I don’t often bring up are all the THINGS that are now Internet-enabled.
Things like thermostats, interior lights and security cameras. Hot tubs, televisions. Garage door openers.
The idea, of course, is to bring the vision of The Jetsons into the real world. We want to walk into a room and have the thermostat know we like it to be 73 degrees during the afternoon but 76 at night. We want to be able to check our security cameras from our phones while we’re on vacation. I personally want a black ’82 Trans Am with a self-aware cybernetic logic module (and a snarky sense of humor) that can jump over walls from a dead standstill, so I can go around punching out bad guys in tan leather jackets who have been poisoning horses or whatever.
But when your THINGS are connected to the Internet, you might face some new security and privacy issues. Many of these devices are pre-set with a default password (or have a username and password as an OPTION, in the case of older products), and if you don’t change the default (or set a password in the first place), anyone who knows the default password could manipulate them remotely. They could run up your utility bills or open your garage door from the other side of the globe. If your security cameras are remotely accessible and you don’t set a password, or leave it set to the default, someone could spy on you in your home. Or set up a website collecting hacked cameras from around the world so anyone on the Internet can watch.
So what applies to websites applies to your Internet-enabled appliances and other devices: use a good password for everything, and never leave a new device’s password set to the factory default (or neglect to set one up, if it’s optional). There are too many people who know how to access them.