Let's Talk About Passwords

Submitted by Trent Boeschen on Wed, 09/09/2009 - 11:08
Judging by the majority passwords I am provided by my clients, my best guess is that your passwords aren't very secure.  Let's go over a couple of tips to get your computers and online accounts less accessible to the nasties out there.
  1. Don't use a word that can be found in the dictionary.  Programs are available that will go through entire dictionaries, attempting to force-guess passwords.
  2. Don't use a word or phrase that can be deduced through sleuthing.  During the 2008 presidential campaign Sarah Palin's Yahoo! email account was "hacked" by researching the answer to her account's "secret question."
  3. Don't write your password on a sticky note and place that note on your monitor or desk. 
  4. Don't use the same password for everything.  Especially not for the extra-special stuff like online bank accounts and your folder of Top Secret documents on Area 51. 
So what should you do?
  1. Make sure to use at least one capital letter, one lower case letter, one number, and one non-alphanumeric character. Mix it up! 
  2. Make it as long as possible - but not so long you'll have trouble typing it correctly or even remembering it. 
  3. Memorize, don't write it down!  Every online site has a way to recover or reset a password.  Use that instead of writing your password down for the entire world to read. 
To help you remember your passwords, implement a system.  For example, replace certain letters with certain number or symbols.  Instead of "password" make it "p@ssW0rd".

Now, please, go change all of your insecure passwords now!