Time to Create a Tougher Password

By Rick DeBruhl, Chief Communications Officer
September 11, 2012

Are you one of those people who use "password" as your password? How about "123456"? If so, it's time for a change. Members logging into their AZBar account this week to file their MCLE affidavits have noticed we're requiring you to use a tougher password. As a result of a few cyber attacks that targeted a small number of member email accounts, we decided that it was time to make it a little harder for the bad guys to hack their way in. We've adopted the Microsoft standard which requires a minimum of eight characters, two of which must be either a number, capital letter or a symbol (such as ?, ! or *).

Why does it matter if someone hacks into your account? It creates a series of problems. The first is that you're at risk for having your identity stolen. That's especially true if you use the same password for other accounts. While some hackers use victim's accounts to send spam, others are making it part of a confidence scheme creating other victims. Finally, hacked accounts pose system problems as well. If the Bar appears to be the source for spam, some providers will block our accounts which prevent legitimate emails from going through.

Will a tougher password make a difference? After speaking with the few members who had their accounts hacked, it appears that they weren't victims of phishing or some complex attack. They simply had passwords that were easy to guess. One estimate says that using the Microsoft password standard makes it 25,000 times more difficult to figure out.

Here are a few more tips from Microsoft:

  • Don't use names of spouses, children, girlfriends/boyfriends or pets.
  • Don't use phone numbers, Social Security numbers or birthdates.
  • Don't use the same word as your log-in, or any variation of it.
  • Don't use any word that can be found in the dictionary - even foreign words.
  • Don't use passwords with double letters or numbers.

We work hard to protect both your identity and the security of your account. The battle against junk email has reached the point where we currently block or mark approximately 98% of all incoming emails as spam.

We understand that thinking up one more complex password doesn't make your life any easier up front. But avoiding a hacking problem can save you a lot of time and headache down the road.