Security Analyst Kenway Ng shares his secrets to staying safe online
“I’ll admit it, I have a hard time remembering all the complex passwords I use at my bank,
online retailers and even Waste Management. In fact, not that long ago (and against all security advice),
I once wrote them on a sheet of paper and placed it inside my wallet. After a while, I thought I’d
found the perfect strategy! That is until the day I lost my wallet.
Then it didn’t seem like such a swell idea after a few hours of updating my information for every site I
had an account. That’s when another hurdle came up — I couldn’t recall the answers to those
“secret” questions. Favorite middle school pet? Give me a break. But with no way to prove who I was over
the phone, I ended up spending hours verifying my background information with customer service. It wasn’t
a pleasant day and since then, I learned a few new strategies to solve my password dilemma. Here are
my top five.”
Kenway Ng, Security Analyst for WM
- Passwords are most effective if they are easy to remember but hard to guess. Here’s a tip: use a
long phrase rather than a short complex password. For example, both “I love 2 recycle!” and “R3cyc!33”
are compliant with our password policy, but the first is much more memorable and harder to crack.
- Create a code. If using a word is more your style, WM requires that you use both numbers and letters
(special characters are okay too). Sometimes thinking of how to incorporate numbers can be difficult,
which is why people often use a birthday or anniversary. Try making your own code by assigning a random
number to a handful of often-used letters. For example: O = 5, or T = 33. That way, your “Houston”
password becomes “H5us33on.” Try cracking that one.
- Do not write down your password. In theory, it works if we store it in a safe place, but in practice the list would
most likely be lost or left out in the open for anyone to see. I mean, you wouldn’t leave your credit card number
out in plain view.
- Do not share your password with anyone. If you receive scam phone calls claiming that they need your password,
question them and report the incident to your manager.
- Always use a unique password for Waste Management. When LinkedIn was hacked in 2012, I was glad my LinkedIn
password was different than my Waste Management password. I don’t need to worry about hackers having access
to my WM account.
If you need to reset your WM password, you can do so at any time by visiting passwordreset.wm.com. I find this site useful,
since I can access it when I am on the road or at home. This site is an opt-in service, so if you want to use it, register first by
visiting the ITSC page on Visor and selecting “Password Registration.” If you have a security question or topic, please email
it to the Information Security team at InfoSec@wm.com.