Computer services companies commonly wage a “battle of password policy” with the users and administration of the clients we serve. Information engineers must ensure the confidentiality and security of the technology infrastructure, which begins at the end user computer with a password. Most companies have a password policy, sometime dictated by a compliancy standard, other times an adopted standard with loose requirements. However, a password requirement is only step number one.
No matter how strong a password policy you have, it won’t do any good if people just jot passwords down on paper and stick it to their monitors. Here are things to consider from a leading Michigan computer services firm when it comes to secure passwords:
The Good:
1.Most people don’t fear passwords, they fear remembering passwords. Many users consider this embarrassing or a failure on their part if it happens. As strong as this fear is, never write a password down.
2.Good passwords have uppercase and lowercase letters. They also can contain numbers, spaces or even special characters such as !@#$. With this in mind, try taking a password you can remember and converting it a bit to make it a bit more complex. Example: (current password) matilda – (new password) M@tild@ or M@T1lda. This increases the security of the password exponentially.
3.Consider longer passwords. Six to eight characters is a decent size password when combined with these other methods. M@tild@ would be good, but L0vEM@tild@ is much better!
The Bad:
1.Do not use plain English words by themselves (anything in a dictionary), such as ‘the, password, cat’. Consider something stronger such as i.e. ‘p22sswo44rd’.
2.Do not use easily retrievable information by itself, such as your birthday, date of hire, child’s, phone number…etc.
3.Do not make the password too short i.e. ‘bolt’
4.Do not use common passwords for everything.
If you absolutely need assistance in remembering a password and must write something down, then do the following.
1.Jot a sentence on a post-it note. For example purposes we will use “My daughter is two years old.”
2.Now (mentally) take the second letter of each sentence: “yaswel”
3.Lastly, take your birth date, add it to the end: “yaswel22”
4.You can even capitalize it to make it more complex: “Yaswel22”
Using this example, all you have to remember is to use the second letter of each word and your birth date and not some obscure random password.
Finally, there are many choices for password management software nowadays which are much more reliable and secure than an excel spreadsheet or writing them all down on notepad paper.
