With all the recent password issues companies have been having, here is a great article that helps with creating a secure password.
User Training: Creating Good Passwords
Most users don’t have good passwords because they don’t understand how to create them. This how-to provides some tips to help create secure passwords, in a format that is ready to provide to your users as part of a training packet.
1. Avoid Dictionary Words
First of all, avoid using dictionary words; this includes words from science fiction dictionaries, foreign dictionaries, and dictionaries of common names. Even obscure words from science fiction or fantasy worlds are in special dictionaries and are guessed.

2. Avoid Appending a Number to a Dictionary Word
Most people think that appending a number to a dictionary word makes their password stronger. This is false; avoid simply adding numbers to common words.

3. Avoid Using Significant Dates and Names
Avoid using significant dates such as anniversaries or birthdays in your password; these are easy to guess by people who know you. Also avoid using names of family members and pets; they are also easily guessable.

4. If You Can Memorize Random Passwords, Do So
If you are capable of memorizing a string of 6-10 random letters, numbers and symbols, randomly generate your password and memorize it. This will give you the most secure password possible. Don’t think you can do it? Think about how many random sets of numbers you know, such as your SSN, phone number, etc.

5. Use Mnemonics of Phrases
Rather than using words, use a seemingly random phrase to create a mnemonic. For example, IwtbotTo2C seems very random; the mnemonic is “It was the best of times, Tale of Two Cities”, the first line and title of one of my favorite books. Poems, song lyrics, etc. make great quotes to use as a mnemonic; the more obscure the better.

6. Substitute Numbers and Special Characters
Substitute numbers and special characters for letters, preferably in short phrases rather than individual words, for example N0G00dD33d or DefyGr@v1ty.

7. Memorize Your Password
Whatever method you choose to create a good password, choose something that you can memorize without writing it down. If you absolutely must write down a password, keep it in a secure location, never around your workspace.

8. Use Separate Passwords for Work and Personal
Keep separate passwords for your work and personal accounts. This way, if one is compromised, the other will not be.

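For whoever hands out this packet, tips 1 to 3 can also be enforced at password-change time. The Python below is an added example, not part of the original article; the wordlist, function names and sample candidates are constructed assumptions, and it checks only tips 1 to 3.

```python
import re
from datetime import datetime

# Constructed sample wordlist (assumption): a real deployment would load full
# dictionaries, including common names, foreign and science fiction wordlists.
WORDLIST = {"password", "dragon", "gandalf", "michael", "summer"}

def _looks_like_date(digits):
    """True for a year 1900-2099 or a 6/8-digit run that parses as a date."""
    if len(digits) == 4:
        return 1900 <= int(digits) <= 2099
    formats = {6: ("%m%d%y", "%d%m%y"), 8: ("%m%d%Y", "%d%m%Y", "%Y%m%d")}
    for fmt in formats.get(len(digits), ()):
        try:
            datetime.strptime(digits, fmt)
            return True
        except ValueError:
            continue
    return False

def password_problems(password, personal_terms=(), wordlist=WORDLIST):
    """Return which of tips 1-3 a candidate password violates (empty = none)."""
    problems = []
    lowered = password.lower()
    # Tip 1: the whole password is a dictionary word.
    if lowered in wordlist:
        problems.append("dictionary word")
    # Tip 2: a dictionary word with digits or symbols added at either end.
    stem = re.sub(r"^[\W\d_]+|[\W\d_]+$", "", lowered)
    if stem != lowered and stem in wordlist:
        problems.append("dictionary word with a number added")
    # Tip 3: names of family members or pets supplied by the caller.
    if any(t and t.lower() in lowered for t in personal_terms):
        problems.append("personal name")
    # Tip 3: digit runs that read as a year or a calendar date.
    if any(_looks_like_date(d) for d in re.findall(r"\d+", password)):
        problems.append("date")
    return problems

if __name__ == "__main__":
    # Constructed candidates; the last one is the mnemonic from tip 5.
    for candidate in ("gandalf", "Dragon123", "Summer2024", "IwtbotTo2C"):
        print(candidate, "->", password_problems(candidate) or "no tip 1-3 problems")
```
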
Conclusion
Help your users create strong passwords and your network will be more secure, avoiding problems instead of recovering from them. Users do not create poor passwords because they want their account broken into; they create them because they don’t know how to do better.