October was a month filled with lots of annuals. No, not flowers. It’s traditionally known as the month for National Breast Cancer Awareness, and has been claimed as the time of year to focus on:

• National Dental Hygiene

• Arts & Humanities

• Disability Employment Awareness

…just to name a few.  Did you know that it’s also the month for National Cyber Security Awareness? With the amount of time we spend on the internet, it’s not a bad idea to make sure that you’re doing all you can to make sure you’re not being attacked.  I’ve been on the wrong end of this issue before, a few years ago and again recently. Ironically, last month, someone charged $300 to my PayPal account using their cell phone.

I was not happy. Not only did I have the hassle of having to call all the appropriate parties, I also had to change my password for just about every financial account I have. I guess I didn’t have to, but I was nervous about being attacked again, so I changed them all. Now I have to carry my password log with me everywhere I go because I can’t remember the new passwords.

I didn’t get any happier when I read a recent article in the Boston Globe that said changing passwords is a waste of time. Well, isn’t that a nice piece of news.

…users are admonished to change passwords regularly, but redoing them is not an effective preventive step against online infiltration…”

Seriously?!? So changing our passwords every 90 days is just a waste of precious minutes? What about all those cyber evil-doers and their bots?

Cormac Herley, the researcher who conducted the study (he’s also a principal researcher for Microsoft Research) says that it’s still important to protect our computers, but that it’s too time consuming because there are too many steps. Nice…a researcher who cares about time management.

Here’s what Herley suggests:

1. Create a kick-ass password surrounded by a moat and alligators. And armored guards. And a couple dobermans. And a ninja.

2. Install the most update virus software. You might think it the latest and greatest version, but are you sure? Go check now.

3. Remember that moat I mentioned earlier, well that’s your firewall. Make sure it’s activated.

4. BE CAREFUL. Unfortunately, we’re the sort that invite spyware to mingle with our computers and smart phones. We like to download stuff. We get tricked. We’re not stupid…the evil-doers are just really smart. Yeah, I don’t like that either.

‘One of the main ways people get compromised is that they open the door to an attacker themselves,’ said Herley. Someone might load software promoted as offering protection when it is actually spyware in disguise, he said, or they ‘open an e-mail attachment with a malicious payload…’”

Do you still think we should change our passwords often or do you agree with Herley?