Sections:Blog

Creating a strong password is one of the most important (and overlooked) security measures you can take to ensure cyber security. One string of letters and numbers is all that protects you from a clever hacker who wants to start mucking around with your account. Luckily there are easy ways to generate passwords that are strong AND easy to remember. Read on for useful password creation tips, what to avoid when crafting a password, and helpful alternatives for password storage.

 

First Things First

There are two essential password rules to consider when creating a password for the first time – length and complexity.

  • Your password length should be at least 8 characters long
  • Your password should use a combination of lower case letters, upper case letters, numbers, and special characters.

The easiest way to create a safe password would be to pick two random words, add a hyphen, and tack a number on the end. A space can count as a special character.  That way you have a password that uses all of the rules and is still easy to remember. Some examples of that would be Scruffy-Piano53 or Crutch-Nail88 or Go Bulldogs62.

 

Make a Passphrase

Did you know that you could make a password out of your favorite quote, line from a movie, or song lyric? "Passphrases" are not only easy to remember but unique to you as well. When creating a passphrase you still need to keep our stated rules in mind.

For example:

  • A Sci-Fi fan could make their password “TM0LI-42” (The Meaning of Life is 42) or “HelpMe0bi-WanKan0b1
  • A classic rock fan could make their password “Sw33t-Home-Alabama” or “While-My-Guitar-Gently-W33ps
  • History buffs could take Ben Franklin’s quote "Man will ultimately be governed by God or by tyrants" and make their password “MwubgbG0bt-BF
  • If you don’t have a favorite quote you can still use this method to create a secure password. By using your favorite food or the car you drive you could make a sentence that is just as memorable. For example, my usual order at the cafeteria is a cheeseburger (medium well) with no onions or tomatoes. My password could then be “CBMW-wN00T.” Get creative and see what sticks!

 

Passwords Are Personal

My favorite way to make a password incorporates all aspects of a safe password AND is easy to remember. Simply pick two of your favorite things, add a dash between them, and tack on your favorite number at the end. If you favorite food is pizza and you drive a 2003 Jeep, you could make your password "Pizza-Jeep03." You could use your pet's name, street you grew up on, favorite sports team, favorite TV show character, or anything else you can think of.

 

Use a Password Manager

The days of looking around your desk for those password-filled pieces of paper are over. The number one tip we give our clients regarding password management is to throw away those post-it notes and get a password management system in place as soon as possible. Strong passwords can be hard to remember and are confusing when dealing with multiple login locations across the web. Programs like KeePass, LastPass, and 1Password do a great job of creating unique passwords, encrypting those passwords, and safely storing them for you in the cloud. You can also transfer these programs to your mobile phone or USB drives for the ultimate in portability and convenience. Check out our LastPass post for more info on how to properly configure and implement this service into your enterprise.

 

100% Unique, 100% of the Time

Whether you’re changing your password or creating a new one, it’s important to use different passwords for each website you go to. Since email access is also password protected, it’s never a good idea to use the same email address and password combination.

 

Change it Often

“Treat your password like your toothbrush,” said Clifford Stoll, U.S. Astronomer and author. “Don’t let anybody else use it, and get a new one every six months.” While funny, this still holds true today.

 

Password Pitfalls to Avoid Like the Plague

  • Never use a generic word like “Password” or a sequential number set like “12345.” Not only do you compromise your security, but you also leave yourself open to be ridiculed in a Mel Brook’s movie
  • Never use any information about yourself that can be found in the public record. This includes birthdays, anniversaries, license plate numbers, or home addresses.
  • It’s not a great idea to replace letters with numbers in a common dictionary word. Most botnets are keen to “l33tspeak” and will crack “P455w0rd” just as fast as the word “Password.”
  • Never make your password the same as your username.
  • Never have the same password for two different sites.
  • Always play it close to the chest regarding your passwords. Never share your password with anyone, either verbally or electronically.
  • As soon as a password is hacked, immediately change it to something more secure.
  • Please don't use the "remember password" option in your browser. If your machine ever gets stolen, you've just invited the thief into your home, removed their shoes, and given them a foot massage.