I am constantly confused by passwords. What should they be? Should I have different ones for every tool I use? Should some of my passwords be more secure than others? How do I even keep track of all of them in a secure place? Even worse is when some sites have format requirements for passwords that do not fit any of the ones you have, so you need to keep track of yet another new one!
Here are my top issues with passwords:
- “It’s so obvious no one will guess” doesn’t work anymore. In other words, “password” as your password doesn’t protect your account. It’ll probably be the first thing hackers try. At most hotels I stay at, the “secure” wifi password is “password” or “hotel.” I hope this is not a reflection of the creativity of whoever works at that hotel.
- Adding “1” to the end doesn’t help either. It will be the second thing hackers try. When websites give you hints as to making a secure password, they often tell you to add a number. They don’t mean adding the number 1 either.
- It’s not enough to mess around with caps. Don’t simply change “password” to “paSsw0rD.” Changing the caps helps, but ultimately it’s not 100% hack-proof. Hackers have programs that try a truly grotesque number of password guesses, including combinations of upper and lower case.
- The same password for every account is trouble. As tempting as this is, once a hacker has access to one password, they’ve got them all, and this is something you obviously have to avoid. This makes for real trouble when they “phish” your password off a non-secure site, like Facebook or Twitter, and use it to get into your bank account. Ouch!
- Your father’s middle name doesn’t work either. Another obvious choice which is easier to find. If someone wants to get in your account, all they have to do is get inside your head.
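The patterns in the list above, written as a check a site or a password audit could run. This is an added example, not part of the original post; the word list, function names and sample passwords are constructed for illustration.

```python
import re

# Constructed sample blocklist (assumption); a real check would load a large
# list of known-breached passwords instead.
COMMON = {"password", "hotel", "qwerty", "letmein"}

# Look-alike character swaps that guessing tools undo automatically.
LEET = str.maketrans("013457@$", "oleastas")


def base(pw):
    """Strip caps, appended digits/symbols and character swaps from pw."""
    low = pw.lower()                                  # caps tricks vanish here
    stripped = re.sub(r"[^a-z]+$", "", low) or low    # trailing "1", "123", "!"
    return stripped.translate(LEET)


def variants(pw):
    """Both readings of pw: trailing characters as padding, or as swaps."""
    return {pw.lower().translate(LEET), base(pw)}


def weaknesses(pw, personal=()):
    """Return the reasons pw matches one of the patterns listed above."""
    found = []
    v = variants(pw)
    if v & COMMON:
        found.append("common word, even with caps, swaps or a trailing number")
    if v & {p.lower() for p in personal}:
        found.append("a single personal detail someone could look up")
    return found


def reused(accounts):
    """Group account names whose passwords share the same base word."""
    groups = {}
    for name, pw in accounts.items():
        groups.setdefault(base(pw), []).append(name)
    return [sorted(names) for names in groups.values() if len(names) > 1]


if __name__ == "__main__":
    for sample in ("password", "password1", "paSsw0rD", "hote1"):
        print(sample, "->", weaknesses(sample))
    print(reused({"bank": "Sunshine1", "facebook": "sunshine!"}))
```

Every sample in the demo reduces to a word on the blocklist, which is why the caps, swaps and trailing "1" buy so little.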
If you do not want to go for random, try combining two unlike items in your life to form a password. For example, the name of the street you grew up on (Lyman) and your first pet (Dixie). Split the two words with a number that is memorable to you (not the date of your birth) and add your favorite symbol on the keyboard (not an exclamation point). For example, my password could be: Lyman93&Dixie
Finally, encourage your employees to change their passwords at least every 90 days. Passwords become less secure over time.
Remember, the most secure password you can have is the one not even YOU can remember! But, there is an app for that too! I am always glad for a feature called “Recover your password”!