How Secure Are Your Passwords?

Do Your Passwords Have the Right Stuff?

Passwords are a very important step in the fight against cybercrime, but unfortunately, most people use the same passwords over and over for various sites and accounts, or use a password so simple it's worthless. 


If you're using the same password on more than one platform, whether that be for online banking, email, or Facebook, or your passwords look something like "Abcd1234" or "Password", you're putting yourself in a very vulnerable position. But how are you supposed to keep track of a million different, unique passwords when everything requires a password these days?

Here are 10 password tips to get you started:

1. Complexity: While "p@$$w0rd1" may look clever, most password-cracking software includes dictionaries that try words spelled out with numbers and symbols. To add another layer of security, make sure your passwords contain a unique combination of numbers, capitalization and symbols that doesn't spell out a word.

2. Length: Most platforms require a specific combination of characters, but a good rule of thumb is between 8 and 12 characters.

3. Do not use commonly known information: A password should not contain any personal information that can be easily guessed. For example, your spouse’s name followed by his/her birthday or the name of your pet or your favorite sports team - that information can be easily obtained by outside sources, especially via social media accounts.

4. Avoid using adjacent keyboard combinations: "asdf1234" and "qwerty" are a couple of the most commonly used adjacent keyboard passwords and are incredibly easy to crack.

5. Username and password should always be different: While most websites and Windows domains won’t let you do this anyway, it's surprising how many people will copy their exact username for their password, which is incredibly easy for hackers to crack.

6. Never store passwords: Whether they are in plain text documents on the computer, on sticky notes in your wallet or on sheets of paper under your keyboard, it would take a hacker, or anyone wandering by, about 2 seconds to find that information. Instead...

7. Use a secure repository for passwords: A great solution to #6 is a password manager. Apps like LastPass, Dashlane and Password Safe are handy for consolidating all of those hard-to-remember passwords into one safe and secure program. A master password is required to get into your user password vault, but it's a lot easier to remember 1 than 50.

8. Don't reuse a password: Although having the same password for your email, online banking, Facebook account and network login at work might be easier to remember, it's much safer to vary your passwords, even if just slightly, for each entity. This provides an extra layer of protection for your sensitive data.

9. Separate work and play: Use completely different passwords for work-related things and personal logins like social media and personal email. This protects not only you, but your company as well.

10. Obscurity is your friend: Using obscure details about your life can help you remember your password as well as keep it safe from potential guessing. Get creative with it... your dad’s favorite model car followed by the year you two took that road trip, or your favorite moon of Saturn prefaced with your sister's height. Obscurity and a bit of randomness all contribute to creating a great, secure password. 
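
The following Python check is an added example, not part of the original article: it applies tips 1, 2, 4 and 5 to a candidate password, undoing common symbol substitutions before the dictionary lookup, which is why "p@$$w0rd1" is caught. The wordlist, substitution table and function names are assumptions made for illustration.

```python
import re

# Constructed sample wordlist; a real check would load a large dictionary file.
WORDLIST = {"password", "letmein", "welcome", "dragon"}
# Symbol/digit substitutions undone before the dictionary lookup (tip 1).
LEET = str.maketrans("@4$50!137", "aassoilet")
# Keyboard rows plus alphabet order, used to spot adjacent-key runs (tip 4).
ROWS = ("qwertyuiop", "asdfghjkl", "zxcvbnm", "1234567890",
        "abcdefghijklmnopqrstuvwxyz")
MIN_LENGTH = 8  # lower bound of the article's 8-12 rule of thumb (tip 2)


def has_keyboard_run(pw, run=4):
    """True if pw contains `run` adjacent keys of one row, in either direction."""
    low = pw.lower()
    for row in ROWS:
        for seq in (row, row[::-1]):
            if any(seq[i:i + run] in low for i in range(len(seq) - run + 1)):
                return True
    return False


def is_dictionary_word(pw):
    """True if pw is a listed word once substitutions and edge symbols are undone."""
    low = pw.lower()
    core = re.sub(r"^[^a-z]+|[^a-z]+$", "", low)  # drop leading/trailing non-letters
    forms = {low, core, low.translate(LEET), core.translate(LEET)}
    return bool(forms & WORDLIST)


def check_password(pw, username=""):
    """Return the list of tips the password breaks (empty list = none found)."""
    issues = []
    if len(pw) < MIN_LENGTH:
        issues.append("too short")
    if is_dictionary_word(pw):
        issues.append("dictionary word")
    if has_keyboard_run(pw):
        issues.append("keyboard run")
    if username and pw.lower() == username.lower():
        issues.append("same as username")  # tip 5
    return issues


if __name__ == "__main__":
    # Constructed samples: the article's weak examples plus one random string.
    for sample in ("p@$$w0rd1", "Abcd1234", "asdf1234", "qwerty", "vT9#qLx2mZ"):
        print(f"{sample!r}: {check_password(sample) or 'no issues found'}")
```

An empty result only means none of these four checks fired; it does not cover reuse across sites (tip 8) or personal information (tip 3).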
