Good password security is important, and not so very difficult. A few simple guidelines/practices will stand you in good stead.
Your password is your very own secret word. Keep it a secret. Once anyone else knows it, it is not a secret.
For starters, don’t tell anyone (even your bestie, daughter, co-worker, etc.).
Don’t email or text your password to someone else. Don’t tell anyone.
Don’t store your list of passwords on your computer in plain text or write them on the underside of your keyboard or mousepad. Someone can find them or see them, there. If you must write them down, use a password manager.
Don’t help someone else get it or give anyone a head start figuring it out.
Don’t let someone else use your computer while you are logged onto it. A savvy user can get your passwords from your open browser windows. It is not at all difficult {see the video below as we demonstrate how simple it was to get a password of Facebook login}
Don’t use your name or username as your password.
Create a longer password, even if it seems less complex. Consider using collections of words that form a phrase or sentence. Use your favorite passage from a novel, or part of your favorite joke. Each character you add to a password or passphrase adds an order of magnitude to the difficulty of brute-force attacks.
Never use easily guessed passwords, such as “password” or “user.”
Do not choose passwords based upon details that may not be as confidential as you’d expect, such as your birth date, your Social Security Number or phone number, or names of family members or pets.
a. IMPORTANT NOTE - Avoid posts on social media inviting you to get to know your friends by posting answers to a formatted list of personal questions. That info will be scraped and used to get password hints. Just get to know these folks in person, rather than filling out a form that will let ‘friends’ collect your info for potential identity theft.
Do not use words that can be found in the dictionary. Password-cracking tools freely available online often come with dictionary lists that will try thousands of common names and passwords.
Avoid using simple adjacent keyboard combinations.
a. ASDF1234
b. 123456
c. qwerty
Do not bunch up your special characters. If your password policy requires special characters, numerals, and uppercase letters, spread them out. A capital letter at the beginning is obvious and expected. a. “B@dpassword123” (might meet your requirements but is not so strong).
b. “b3tTer $ecr3t 2 kieHp” (is a better password).
Don’t use the same password at multiple web sites. Though it is generally safe to re-use the same password at sites that do not store sensitive information, if one of these sites is compromised, you will be very glad if your other passwords are very different. These passwords will be tried against more sensitive, higher-value targets if they get into the open.
Use a password manager (or write your passwords down, very, very carefully).
These days, it is downright impractical not to write passwords down, somewhere, especially if you commit to never reusing passwords on different web sites. Just keep the list from getting out in the open. Avoid a Post-It on your monitor, a plain text file on your desktop, etc. You might make a list of all the web sites and services for which you have a password and next to each one write your login name (or a hint about it) and a hint as to what password you use for that service. This hint should only be meaningful to you. If you forget or lose your password, almost all web sites and Internet services have a link to help you when you inevitably forget your password. Everyone has this problem.
So you're thought after reading this is where am I suppose to store my passwords if no where is safe enough? Here's how you do it.
Password manager applications and web sites abound, and most are quite good. The basic idea is that a company has made it their mission to give us a safe place to put all our passwords. That company’s reputation rests on them protecting your data. You can create one long, extremely complex password that is meaningful only to you, remember that one password, and use the master password to get into the password manager, in which your other two hundred fifty-seven unique passwords are stored.
There are lots of good password managers available. Google it!
Contact Bolt Forward today to find out how we can offer your business security, peace of mind and the best service in the industry. As a leading Phoenix, Arizona managed service provider our client is always our top priority. Let us help you grow your business and achieve the results and growth you've been wanting.