<div dir="ltr"><div>Stephen, thanks for the reminder.<br><br></div><div>Also, if you use a common password (like library or director or librarian) and a peer or co-worker is using it as well and falls for these phishing deals, you're compromised as well.<br><br></div><div>According to GIZMODO here are the top 25 most popular (not worst but used) passwords of 2014<br><br><ol><li>123456 (Unchanged)</li><li>password (Unchanged)</li><li>12345 (Up 17)</li><li>12345678 (Down 1)</li><li>qwerty (Down 1)</li><li>123456789 (Unchanged)</li><li>1234 (Up 9)</li><li>baseball (New)</li><li>dragon (New)</li><li>football (New) </li></ol></div><div>For all 25 top passwords <a href="http://bit.ly/1J3pGRT">http://bit.ly/1J3pGRT</a><br></div><div><br>Here is an OLD but still valid article on passwords. <a href="http://www.garykessler.net/library/password.html">http://www.garykessler.net/library/password.html</a><br><br></div>Here are some highlights:<br><br><ul><li><b>Don't</b> use your login or user name in any form (as-is, reversed, capitalized, doubled, etc.)</li><li><b>Don't</b> use your first, middle, or last name in any form.</li><li><b>Don't</b> use your spouse's, significant other's, children's, friend's, or pet's name in any form.</li><li><b>Don't</b> use other information easily obtained about you, including your date of birth, license plate number, telephone number, social security number, make of your automobile, house address, etc.</li><li><b>Don't</b> use a password of all digits or all the same letter.</li><li><b>Don't</b> use a word contained in English or foreign language dictionaries, spelling lists, acronym or abbreviation lists, or other lists of words.<br>(such as 'library' 'director' or 'librarian')<br></li><li><b>Don't</b> use a password containing fewer than six characters.</li><li><font size="4"><b>Don't</b> give your password to another person for any reason. </font></li></ul><br><ul><li><b>Do</b> use a password with mixed-case characters (where supported).</li><li><b>Do </b>use a password containing non-alphabetic characters (digits and/or punctuation)</li><li><b>Do </b>use a password that is easy to remember, so that you don't need to write it down.</li><li><b>Do </b>use a password that you can type quickly, without having to look at the keyboard. </li></ul><div class="gmail_extra">And here is why:<br><p style>
How long would it take to crack my password: <b><em>(Includes letters and numbers only, no upper- or lower-case and no symbols</em>)</b>
</p><p style><strong>6 characters: 2.25 billion possible combinations</strong>
</p><ul><li>Cracking online using web app hitting a target site with one thousand guesses per second: 3.7 weeks.</li><li>Cracking offline using high-powered servers or desktops (one hundred billion guesses/second): 0.0224 seconds</li><li>Cracking offline, using massively parallel multiprocessing
clusters or grid (one hundred trillion guesses per second: 0.0000224
seconds </li></ul>So the password 'library' would take someone at home with a high-powered desktop about 1/40th of a second to crack the password "library" Or, as some sites call it INSTANTLY.<br><br></div><div class="gmail_extra">For more data <a href="http://bit.ly/1BD2ecx">http://bit.ly/1BD2ecx</a><div dir="ltr"><div dir="ltr"><div dir="ltr"><div dir="ltr"><div><br></div>Bill<br><p><br><b>Bill Hardison</b><br>
Computer Services Coordinator<br>
Northwest Regional Library System (NORWELD)<br>
<a href="tel:419-352-2903" value="+14193522903" target="_blank">419-352-2903</a><span dir="ltr"></span><br><b><i>IM with Google Hangouts</i></b><i><br><br></i></p><p><i>You rush a miracle man, you get rotten miracles.</i><br>
Miracle Max: The Princess Bride (1987)</p>
<div></div><div></div><div></div><div></div>
<div style="padding:0px;margin-left:0px;margin-top:0px;overflow:hidden;word-wrap:break-word;font-size:10px;line-height:13px"><em>This message and any response to it may constitute a public record and thus<br>may be publicly available to anyone who requests it.</em></div>
</div>
</div>
</div>
</div>
</div><div class="gmail_extra"><br><br></div><div class="gmail_extra"><div class="gmail_quote">On Tue, Mar 3, 2015 at 10:05 AM, Stephen Hedges <span dir="ltr"><<a href="mailto:hedgesst@oplin.org" target="_blank">hedgesst@oplin.org</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">Seems like about once a year (maybe even more often) we have to repeat a simple message to OPLIN email users:<br>
<br>
DO NOT GIVE YOUR EMAIL PASSWORD TO ANYONE ON THE INTERNET.<br>
NEVER.<br>
EVER.<br>
<br>
But people still do, and then their account is taken over by spammers and used to spam the Internet, and then our email server gets blacklisted and everyone's email gets blocked. Sometimes the "hook" to get your password is buried in the email as a link to a separate webpage that will request your password, but the rule still applies:<br>
<br>
DO NOT GIVE YOUR EMAIL PASSWORD TO ANYONE ON THE INTERNET.<br>
NEVER.<br>
EVER.<br>
<br>
OPLIN email users have been giving away their passwords for three weeks now. STOP IT. At least 15 individuals have been victimized by the most recent phishing attempt and lost access to their accounts, and caused daily blockages to OPLIN email; don't be the 16th.<br>
<br>
When you give away your email password, it not only affects your account, it affects everyone else, too. When it comes to passwords, forget what you learned in kindergarten: Sharing is Bad!<br>
(And if you have unfortunately already shared your password on the Internet, change your password immediately!)<br>
<br>
So let me repeat:<br>
<br>
DO NOT GIVE YOUR EMAIL PASSWORD TO ANYONE ON THE INTERNET.<br>
NEVER.<br>
EVER.<br>
<br>
Just to be sure you understand, here's a little test:<br>
<br>
Find your email "Reply" button. Find your email "Delete" button.<br>
When you get an email asking for your password, which button are you going to use?<br>
<br>
(Please, please, please pass this test!)<br>
<br>
Stephen<br>
--<br>
Stephen Hedges, Director<br>
Ohio Public Library Information Network (OPLIN)<br>
2323 W. Fifth Ave., Suite 130, Columbus, OH 43204<br>
614-728-5250 :: <a href="mailto:hedgesst@oplin.org">hedgesst@oplin.org</a><br>
_______________________________________________<br>
OPLINLIST mailing list -- <a href="mailto:OPLINLIST@lists.oplin.org">OPLINLIST@lists.oplin.org</a><br>
<a href="http://lists.oplin.org/mailman/listinfo/oplinlist" target="_blank">http://lists.oplin.org/mailman/listinfo/oplinlist</a><br>
<br>
<a href="http://aboutbooks.info" target="_blank">http://aboutbooks.info</a> -- Search for author, title, subject... anything about books.<br>
</blockquote></div><br><br clear="all"><br>-- <br><div class="gmail_signature"><div dir="ltr"><div><p>
<b>Bill,</b></p><p><b>
</b>Bill Hardison<br>Computer Services Coordinator<br>
Northwest Regional Library System (NORWELD)<br>
<span><span>419-352-2903</span></span><span dir="ltr"><span></span></span><br><b>Yahoo IM - TechnobraryGeek</b><i><br><br>You rush a miracle man, you get rotten miracles.</i><br>Miracle Max: The Princess Bride (1987)</p>
<div></div><div></div><div></div><div></div><div style="padding:0px;margin-left:0px;margin-top:0px;overflow:hidden;word-wrap:break-word;color:black;font-size:10px;text-align:left;line-height:130%"><i>This message and any response to it may constitute a public record and thus<br>may be publicly available to anyone who requests it.</i></div><div style="padding:0px;margin-left:0px;margin-top:0px;overflow:hidden;word-wrap:break-word;color:black;font-size:10px;text-align:left;line-height:130%"></div><div></div><div></div><div></div><div></div><div></div><div></div><div></div></div></div></div>
</div></div>