Password protection - II : Better late than never

Varun Kapoor *

Password protection is a necessity that should be adopted by all users and that too at the earliest, if safety of personal information is to be ensured. It was emphasized in the previous column the need to follow certain rules while making strong and secure passwords. Three of these rules were enumerated last week and the remaining three are listed here with:

4. Do not write your password anywhere – This is of utmost importance that we avoid writing our passwords anywhere. This is because someone, who need not know the password may get hold of a written password accidentally or by design and then proceed to misuse it.

If we visit any office or especially a Government one – which is the most likely place that we will find the password of the office computer of the officer written? Most probably on the wall next to where the desktop computer of the officer is located! Or it just maybe written on the backside of the keyboard!

All a hacker has to do is to flip the keyboard on its back – and “gwala” the password can be obtained! No complicated viruses and malwares required to hack into the system of such individuals, to obtain their most precious passwords.

Sometimes many citizens store their passwords and account details in their mobile devices in the notes or drafts section. This too is an extremely risky proposition – as their device may get misplaced, lost or stolen – in that event the password may fall into undesirable hands.

In a case that occurred in a college in Indore – one young lady went to the examination hall with her bag. She was advised by the invigilators to keep the bag outside the hall, this she did. Once she finished the exam and came out she found her bag missing. In the bag among other things was her mobile phone and her ATM card.

With only an ATM card the thief could not do anything. But while he was scanning the contents of her mobile phone – he found a four digit code in her drafts section. He immediately guessed that this was her PIN for the ATM card.

He immediately visited the ATM and using her card and PIN withdrew a sum of 60,000/-from the victims account before she could block her ATM card. Thus writing down our passwords, PIN etc in a physical or digital form is a highly risky activity and should be totally avoided.

1. Do not share your password with anyone – Sharing or telling our password to anyone else is a habit that should also be totally discontinued. Sometimes we our self give the passwords to our aquaintainces for carrying out certain tasks, though this too is an undesirable practice – sometimes it becomes imperative. In such cases the password should be changed immediately after the work has been accomplished.

In many cases cyber criminals make phone calls (Vishing) or send emails or sms (Phishing) to unsuspecting victims and try to obtain their secret passwords or other details from them fraudulently.

In such cases too it must be remembered that sharing of passwords or any other secret details with any unknown person over the digital space is a total taboo and must not be done under any circumstance, situation or temptation.

In addition whenever a user approaches an internet café or public computer to use the web – he/she should only use such terminals for the purpose of surfing the net. In no case should such accounts be accessed where passwords have to be inserted.

Like mail accounts, social networking accounts, bank accounts etc should never be accessed. Even if there is an emergency and the user has to access such accounts – he/she must change the password at the first next opportunity. This is because there is no guarantee that the internet café owner or the operator of any other public computer has not installed a software or hardware form of a Key Logger.

This device will copy all your keystrokes and store it in a temporary folder and once the user leaves the devious operator may retrieve the entire stored information and misuse the information obtained.

2. Setup your password recovery option properly -Password recovery option means the option of – “forgot my password”.

All accounts we create have this option because we may forget the password we created and in that condition we must have a means to recover it. If we select this option we are asked a security question and if we reply to this question successfully we can get access to our account.

The problem is that everyone believes that the security question being asked is like an examination and we have to give the correct answer – otherwise we will fail. And they always give the right answer.

An answer that any other person may know or come to know through social engineering or other techniques. Once the person comes to know the answer he can try and successfully get access to the users account.

As an example let’s consider the case of an online banking account of the State Bank of India. The standard security question asked is – “what is your mother’s maiden name”? Suppose I put the right answer to this question, then I am taking a big risk.

Because my mother’s maiden name is information that many people besides me will know. Even if they don’t they can try and find out through a variety of sources which may include my social networking sites and the information contained in them.

Once they know the answer, they can select the option of “forgot my password” and answer the security question successfully. In such a scenario they may gain access to my account.

That is the danger in considering the security question-answer as an examination. The learning point here is that whatever maybe the security question, the answer that we give should be wrong! An answer that only you should know and one that no one else can know or try to find out.

Like if mother’s maiden name is asked – then instead of the right answer a term like “Gulab Jamun” can be used. This kind of answer will ensure that no cyber thug can try to guess or find out. Such an answer only you will know!

Fighting crime thus boils down to only the use of our common sense. If we use it effectively and follow the six password rules enumerated in the two articles, then we can create, obtain and use strong and safe passwords. One which will ensure not only our security but the security of our data, personal information, finances and reputation.

[Views expressed in the column are of the author himself]

* Varun Kapoor wrote this article for The Sangai Express
Varun Kapoor is ADG Narcotics & PRTS Indore, MP
This article was webcasted on July 22, 2018.

* Comments posted by users in this discussion thread and other parts of this site are opinions of the individuals posting them (whose user ID is displayed alongside) and not the views of We strongly recommend that users exercise responsibility, sensitivity and caution over language while writing your opinions which will be seen and read by other users. Please read a complete Guideline on using comments on this website.

  • Nongpok Thong Hangba
  • Khubak Eeshei @Kang festival : Gallery
  • Punsi Sangba, Mathiupuang :: eMing
  • Arresting decline of higher education
  • RPL-PMKVY Certificate at Tripura
  • Silence :: Poem
  • AFSPA took my father
  • Dark Net: Underbelly of the internet
  • Alternative Arrangement, Article 371A
  • Petition challenging dilution AFSPA
  • Rio for integration of Naga areas
  • Brought NE closer to Delhi: PM
  • Independence Day celebrated in NE
  • Tikendrajit : The Lion of Manipur #1
  • Compressed Earth Blocks: Housing
  • Support breastfeeding among adolescent
  • Ithai: Development Decision Gone Awry
  • Who made the sports university ours?
  • An Unoccupied Forehead :: Poem
  • 'NRC should not be a political issue'
  • Independence Day : Govt needs trust
  • Apprehensions before final pact
  • NNC stand to protect Naga sovereignty
  • 'Delay in solution irks people'
  • Patriots' Day- Floral Tribute : Gallery
  • A shot at survival
  • Demography and Population Studies
  • RPL-PMKVY Certificate at Baishalgarh
  • E-Commerce to help access new markets
  • Manipur Heart Foundation Anniversary
  • Artist lineup for NH7 Weekender
  • Kakching World War-II Memorial Run
  • The Killing Fields 2013-18 : News Timeline
  • AMPWA observed Patriots' Day
  • Real homage or just showmanship
  • Drama of political clout at MU
  • Patriots' Day @ Kolkata : Gallery
  • Historical War fought by Manipur
  • Where are the nurses in HIV response?
  • Understanding false smut of rice
  • The love song of autumn :: Poem
  • Help Underprivileged Sports Youngsters
  • Police : List of Awardees on I-Day
  • NSCN-IM word on Naga unity
  • Scribes demand colleague's release
  • Jadugi Mingsel :: Folk Tale
  • Patriotism Redefined [On 13th Aug]
  • Karate Winners felicitated at Kumbi
  • Of Citizenship & Manipur People's Bill
  • Seminar : Path & Pattern in Northeast
  • 42nd Indian Social Science Congress
  • Naga Peace Process :: News Timeline
  • Certificate Distribution at Tripura
  • Failure by WPS-IE to arrest rapist
  • Resolutions : People's Democratic Alliance
  • ..Will it burnt the state again
  • ..Now get the killers !
  • 'Homecoming', Painting Exhibition : Gallery
  • Legacy of Resistance in Cordillera Highland
  • Woke Up, But You're Nowhere :: Poem
  • Resurgence of Sanamahism
  • Nagas & Meiteis must live together
  • No change in 1951 as Base Year : JCILPS
  • B. Voc. at DM Community College
  • Young Scholars Conference 2018
  • ..legitimacy of remaining to power
  • The precursor of things to come
  • Khangkhui Cave , Ukhrul #4 : Gallery
  • Kanglen Kang Chingba #2 : Gallery
  • Reform Manipur's Education System
  • Friendship
  • Cry of a Dying River - 40
  • World's Indigenous Peoples Day
  • Chandigarh students' solidarity with MU
  • MU agitator should withdraw their agitation
  • Repercussion of a prejudice attitude
  • Regulate school vans/buses
  • Disputed Myanmar Border Pillar : Gallery
  • Seven Breaths of Dragon :: Book Rvw
  • Chronological framework of NRC
  • Buttering Najmaji in public
  • JRF Post at Mizoram University
  • Manipur Tourism : Festival Promotion Award
  • The uneasy shift
  • Well co-ordinated rallies across dists
  • Chalwa Village, Kangpokpi #1 : Gallery
  • General strike on article 371 (A) #2 : Gallery
  • Up against the saffron brigade
  • My unsailed ship :: Poem
  • Mathematics and Science Competition
  • General Strike by ATSUM on August 10
  • Drawing Competition at Wapokpi, Bishnupur
  • ADBU delivers course to Indian Railways
  • One man that put Manipur in frying pan
  • Relax MU shut down !
  • Khumang Pokpa Haraoba #2: Gallery
  • Robert Naorem @Blr Fashion Week : Gallery
  • Territorial integrity of Manipur
  • The string :: Poem
  • General Strike by KIM on August 8
  • Robert Naorem at Bangalore Fashion Week
  • Inner Line Permit (ILP) Demand :: Timeline
  • Dr. Monisha Behal's work in North East
  • Registrations for IIT Techniche workshop
  • PDA on situation in Nagaland
  • The politics of divide: MU
  • Significance of August
  • Mukna Khong Kangjei #3 : Gallery
  • Greater Nagaland or Mini Nagaland? #2
  • Paint Your City : Campaign at Kakching
  • Pemberton line in Kabaw is our boundary
  • Awakening :: Poem
  • Coffee Plantation : In-lieu of Poppy
  • Recalling of AK Pandey by HRD Ministry
  • TSA's reply to KNO/KNA's allegations
  • 21st Manipur Integrity Day : Gallery
  • Konung Kang Chingba #3 : Gallery
  • Ecological, social impact of Ithai Barrage #3
  • Swindling Manipuris in solving Naga issue
  • The Last of the Romantics :: Poem
  • 'Thoughts on MU strategies'
  • Concerned about continued closure of MU
  • Fear factor
  • No takers for 1 month leave
  • View from Shirui Hills #1 : Gallery
  • Manipur as seen by Meiteis, Nagas, & Zo
  • Certificate Distribution at Nirjuli, ArP
  • Contract Jobs available at NIELIT HQs
  • Cry of a Dying River - 39 :: Poem
  • Banana flower vada
  • Entrance for Free Residential IAS Coaching
  • Resolution of NPF Consultative Meeting
  • Concerned about militants' interference
  • Issues : From ILP, MU to FA
  • Emergence Nongda Lairen Pakhangba #2
  • MU Rally at Canchipur : Gallery
  • News Analysis 0f Akashvani Imphal
  • ILP: A Genuine Idea Lost in Translation
  • Tryst with an Alzheimer's patient #2
  • Letter to Prime Minister of India
  • Female DTP faculty reqd at Protocol
  • In between :: Poem
  • Sowing the seeds of Greater Lim
  • General strike on article 371 (A) #1 : Gallery
  • Student is important or AP Pandey
  • Article 371A is sui generis
  • Protection on Land, Environment at TML
  • Press Conference on MU Crisis at Delhi
  • Oppose extension of Article 371(A)
  • DTP-Desktop Publishing course at Nambol
  • Certificate Distribution at Namsai, ArP
  • Rejoinder to KNO/KNA on Moreh attack
  • Issues which burn Manipur State Assembly
  • The brand of politics in MU crisis
  • Central team @ BP 81 , Kwatha #3 : Gallery
  • August Calendar for Year 2018 :: Tools
  • Protest against MHRD @Delhi : Gallery
  • People's Strike greets this August
  • Slump in fight against #AIDS
  • What does moonlight want ? :: Poem
  • MU students protest against MHRD
  • An Unknown killer - "E-Waste"
  • Talking peace and threatening others
  • Singcha Wuya Won @Kamjong #1 : Gallery
  • Dismal Politics in Universities
  • Kanglen Kang Chingba #1 : Gallery
  • Engulfing Uncertainties
  • Ecological, social impact of Ithai Barrage #2
  • Certificate Distribution at Dibang, ArP
  • EEVFAM case: Report for 30 July
  • Pertaining to statement of T. R. Zeliang
  • Issues plaguing the state
  • What is the stand of BJP Govt ?
  • Monsoon Assembly Session : Gallery
  • Election 2019: end of road for Modi
  • The absurd baby talk :: Poem
  • Assam University BTech, MTech Admission
  • Saving the Rhinos - Campaign
  • Arrest perpetrators of Moreh attack
  • Training programmes of NCC
  • Central team @ BP 81 , Kwatha #2 : Gallery
  • MU: Students clash with Police #2: Gallery
  • Prospects of coffee in Manipur
  • Why ILP should not be implemented
  • Hill students get alert on Trafficking
  • IBSD Meghalaya inaugurated
  • Conference on India-Vietnam
  • Govt's strategically pre planned conflict
  • Heart ruptured but life saved
  • Pseudo intellectuals should stop thinking
  • Mass sit-in protest : How about Nagaland?
  • Folklore genres of Meetei community
  • Kang Khichri chaba : Gallery
  • Binalakshmi Nepram at United Nations, NY
  • Certificate Distribution at Changlang, ArP
  • Out to clear her name
  • CBI failed to comply to SC orders
  • Condemned as a cry in wilderness
  • Security meeting conducted
  • Ripe opportunity for awareness & action
  • Is the NRC of 1951 available ?
  • Central team @ BP 81 , Kwatha #1 : Gallery
  • Our Common Crisis: What are We to Do #3
  • ..Take a break from the common road
  • Skin problems that arise during monsoon
  • Cry of a Dying River - 38 : Poem
  • Meghalaya edition of NH7 Weekender
  • 'Special status' under which provisions ?
  • Issues which need minute deliberations
  • Pay Nareckpi : Funga Wari
  • Kayada Ningthijaba Lambino : Story telling
  • Yumkhaibam Nanao: Walking from Delhi..
  • Ningol Pali at Kang Festival : Gallery
  • Eyek Tamba :: Learn Manipuri script
  • Naga American conference at California
  • MU: Students clash with Police #1: Gallery
  • Kanglen Kang Chingba : Gallery
  • ISKCON Kang Chingba festival : Gallery
  • Meira Rally protest of MU VC : Gallery
  • Bandh demanding VC removal #2 : Gallery
  • Front Page Photo 2018 #3: Gallery
  • Art Exhibit @Imphal Art College #1 : Gallery
  • Kang Khichri chaba @Kwakeithel : Gallery
  • Dzuko valley #4 :: 360 Panorama View
  • Manglandasu Nang - OST :: e-pao Radio
  • HSLC 208 Exam Toppers : Gallery
  • Class XII Exam Toppers : Gallery
  • Temples of Manipur : Gallery
  • Old Manipuri Movie #1 :: eRang Classic