What’s in a Good Password?
A good password is like a good lock. It keeps the bad guys out and helps you and your information stay safe and secure. A weak password offers you little protection. You may as well be laying out a welcome mat for identity thieves. So what makes for a good password?
1. Your passwords should be at least eight characters long and include a mix of upper and lowercase letters, and numbers or symbols.
2. You should never use personal information. Anything that is public knowledge shouldn’t be used. Any variation of family names, pets, addresses or important dates isn’t secure enough. Spelling them backwards is not safe either as it is a fairly common practice.
3. Your password should not be a common word in English or any other language. Hackers can use programs that check all words in the dictionary.
4. Don’t pick a password whose characters are all next to each other (12345 or qwerty), because it is easy to detect if someone sees you typing it in.
5. Change passwords often. If you think that someone may have gained access to your system, change all of your passwords right away on a different, clean and secure computer. You should change all of your passwords every 90 days.
6. Your user name and password should never be the same.
7. If you feel that you really need to have a list of your passwords, don’t store it on your computer or on a sticky note next to your computer. Keep it hidden away in a secure location.
Don’t be tempted to pick an easy password to remember. If it’s too easy to remember, it’s probably too easy to figure out as well. You can take a phrase and use the first letters to make a password. For example, “I like to drink 3 cups of coffee” could become the password Il2d3coc.
You can also misspell words and add numbers in. Instead of “doghouse” you could use “doGhoWse219”. Since this isn’t a real word and it mixes in upper and lower case and numbers, it would be much more secure than the simple “doghouse” password.
Another good way to come up with a password that you can remember but that is still secure is to substitute numbers for letters that look somewhat similar. For example, the words “bell tower” can be converted to the password “B377T0w3r”, which would be quite hard for anyone to figure out.
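The checklist and sample passwords above, turned into a small checker as an added example (not code from the original article). The word list, the keyboard rows and the run length of four characters are assumptions made for illustration, and the checker tests only the rules listed on this page.

```python
import re

# Constructed sample word list (assumption); a real check would load a full dictionary.
COMMON_WORDS = {"doghouse", "password", "coffee", "welcome"}
# Keyboard rows and simple sequences used to spot "next to each other" characters (rule 4).
SEQUENCES = ["qwertyuiop", "asdfghjkl", "zxcvbnm", "0123456789",
             "abcdefghijklmnopqrstuvwxyz"]

def has_sequence(pw, run=4):
    """True if pw contains `run` adjacent characters from a row or sequence,
    typed forwards or backwards. The run length of 4 is an assumption."""
    low = pw.lower()
    for seq in SEQUENCES:
        for s in (seq, seq[::-1]):
            for i in range(len(s) - run + 1):
                if s[i:i + run] in low:
                    return True
    return False

def check_password(pw, username="", personal=()):
    """Return the checklist rules that pw breaks (an empty list means none)."""
    problems = []
    low = pw.lower()
    if len(pw) < 8:                                   # rule 1: length
        problems.append("shorter than eight characters")
    if not (re.search(r"[a-z]", pw) and re.search(r"[A-Z]", pw)):
        problems.append("needs upper and lowercase letters")
    if not re.search(r"[^A-Za-z]", pw):               # rule 1: numbers or symbols
        problems.append("needs numbers or symbols")
    for item in personal:                             # rule 2: names, pets, dates
        item = item.lower()
        if item and (item in low or item[::-1] in low):   # backwards counts too
            problems.append("contains personal information")
            break
    if low in COMMON_WORDS:                           # rule 3: dictionary word
        problems.append("is a dictionary word")
    if has_sequence(pw):                              # rule 4: adjacent characters
        problems.append("contains adjacent characters")
    if username and low == username.lower():          # rule 6: same as user name
        problems.append("same as user name")
    return problems

if __name__ == "__main__":
    # Passwords quoted in the article, plus its two "adjacent characters" examples.
    for pw in ["doghouse", "doGhoWse219", "Il2d3coc", "B377T0w3r", "12345", "qwerty"]:
        print(pw, "->", check_password(pw) or "no rule broken")
```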
Following these guidelines can really help to protect you and your information. No matter how good your password, don’t forget to change it every three months!