Your birth date. Your spouse's birthdate. The name of your pet. What do these have in common? They're all commonly used as passwords. So common that any hacker — or disgruntled employee, dishonest temp, or fired subcontractor — could easily figure them out. Many people use the same password for their computers, e-mail accounts, to backups, or online bank accounts. And many companies give every employee the same password to log on to their computers.

“Not having good password security is basically the same as giving people the keys to the office, safe, petty cash box; or the PIN to an ATM card,” says Dave Alpert, president of northern Virginia-based Continnum Marketing Group, who spoke recently with remodelers on the subject. “I was surprised at the level of interest with a topic I thought people might yawn about,” he says.

With so many passwords to remember, it is difficult to recall them all. Alpert suggests the following.

Password substitution table
Password substitution table

  • If you keep a list of passwords, put it on paper and lock it away. Remember that computers, PDAs, and phones are all hackable.
  • Only the owner of the business should know the top level, i.e., master administrative password, for your server. If you don't have a server, passwords are still important, but the danger is different.
  • Change an employee's password before firing him or her.
  • The easiest passwords to crack are names and birth dates. It's more difficult to figure out a password that is a mix of words, letters, and symbols, e.g., garage23boat. Harder still are words, upper- and lowercase letters, and symbols, e.g., Kite$54buG; really hard is Xc7p9J$o&.
  • For the highest level of security, use a substitution code (see illustration) and carry it with you. Using the code, the word “remodeler” becomes 7PXZOPWP7.