The Internet is not what it used to be. Simple HTML pages with text and a few images are a thing of the past. Now, websites are developed to be dynamic, powered by Artificial Intelligence, updating regularly to more effectively sell you things, provide services, and interact with other sites & platforms. We store our Personally identifiable information within these environments - including medical and financial records. We don’t want anyone else to get access to that information.
Fortunately, the use of passwords is being made more secure (if not replaced) through the implementation of things like biometrics, face recognition, security keys, and 2 Factor Authentication.
Until every system adopts one of these advanced access technologies, passwords are and will continue to be prevalent throughout the internet. So until that happens, we have some recommended Password Do and Password Don'ts:
Creating a Strong Password
There various different strategies to employ when creating a Strong Password. Random password generators can create a decent range of characters at an acceptable length, but good luck trying to remember it. Here are some of the most impactful recommendations for creating a Memorable Password:
Length is a big factor in how secure a password becomes. The general rule is that the longer a password is, the harder it becomes to guess what it could be. Anything below eight characters is considered too short, no matter what characters are used. Think about giving your password even more length. Experts have run the math and have found that the longer a password is, the harder it is for hackers to crack it.
A good strategy to follow for creating strong and memorable passwords is selecting a Memorable Phrase. This password strategy makes it easy to remember but also makes it easy to make it long. Select a phrase that is not common but is something you can remember. Strong a few non-related words together to create the phrase i.e. sadunclesseparatecowsnow
Moving on to the characters that are used in a password. It is recommended that you have a mix of Upper Case, Lower Case, Numbers, and Special Characters. The case is pretty simple to address (but don't be consistent - don't Capitalize the first letter in each word, utilize variations.) i.e. saduncleSSeparatecowsnoW
A great way to work in numbers and special characters is to select a few letters and replace them by numbers and/or Special Characters that are similar to the letters. But don't repeat the scheme throughout the password. i.e. saduncl3SSeparatec0wsnoW
A simple method to extend the length and complexity of a password is to add something to the beginning and/or end of your password. These can be letters, numbers, or symbols. It doesn’t matter what they are, just that it takes longer for bad guys to guess what it is. i.e. $saduncl3SSeparatec0wsnoW-
What Makes a Weak Password
Now that we have covered some strategies for creating a strong password, let's talk about what can make a password weak.
The first rule of thumb is if you have a device or account that came with a preset password - CHANGE THE PASSWORD! This is one of the most common mistakes that are made which makes it simple for unauthorized access to an account or device. Default passwords are easily found through search making this a no-brainer, but still many people ignore this recommendation.
Never use a single common word that can be found in the dictionary. No matter how obscure the word is, password cracking technology will figure it out. On that note, password, monkey, 123456, and abc123 are still some of the most common passwords used to this day. Don't make this mistake either!
Easy to Guess Passwords
Don't create passwords that can be easily figured out simply by searching your name on search engines or social media. Birthdays, anniversaries, last-names, or nicknames are easy for criminals to guess. Don’t make it easier for them.
One Password For All
Using the same password over and over again, no matter how long or complex the password it is simply a bad idea. All it takes is for that password to become known and then every account that you’ve used it on can be easily compromised. Passwords need to be different for every site, application, and device you interact with.
Solutions to Your Password Management Problem
So until we are living in a world of advanced security access methods how is a person expected to remember all of these passwords?! Don't worry - there are ways to help with all this password stuff. Continue reading our Managing Passwords post to learn how to keep it all straight.