The Internet is a pretty rough neighborhood. You leave your front door open and you might find your valuables missing, or an unwelcome squatter on your hard disk. Without a firewall, your computer will get scanned for open ports and vulnerabilities by “the bad guys” looking for unsecured computers to break into.
Let’s establish a few facts (and guesses). Because…
- the Internet lets you communicate with someone the other side of the globe as easily as if they were in the next room;
- computers can automate and repeat things really fast; and
- with around 7 billion people in the world, 2 billion Internet users and a tiny proportion of “bad guys” – say 0.01% (that’s one in 10,000) – there could be 200,000 “bad guys” out there…
…that would mean 200,000 people who are interested in rummaging through your valuables could walk past your door several times a day to see if you left anything unlocked. Automated attacks are mostly pretty dumb. But, like spam, you only need a few dumb targets to make millions of emails worthwhile. Steve Gibson at SRC is an expert in online security, and his site is a good place to assess your own vulnerabilities.
Really good hackers using highly targeted techniques, such as social engineering can get into just about anywhere if they really want to and have enough time to craft an attack. Usually, getting into password protected areas is the focus of their attention, so passwords are on the front line of defense.
This site is mostly about memorizing passwords, but passwords are only part of the security equation. Visit Best Practice to get an overview of what you should be doing to keep safe online.