Don't Fall Prey to Lazy Password Practices Tips and Recommendations for Better Passwords Ron Pacchiano
What Makes a Password Strong
Now that we know what not to do, we have to look at the question, "What constitutes a strong password?" In order to ensure maximum protection, your passwords should be at least eight characters long. Microsoft recommends at least six characters, but eight characters will be significantly harder to crack. For optimal security, the passwod should also contain a mix of alpha-numerical characters, in both upper and lower case, as well as special characters like !#%$&.
Ideally, it shouldn't even be a real word; just random characters. The more random the sequence of characters, the more secure the password will be. An example of a secure password would be something like"Hgs3@4j55nKX!s!". This password is 15 characters long and contains a combination of numbers, symbols, upper and lowercase letters. Also, since it's long and totally random, it will be far tougher for someone to hack.
Regrettably, though, most users don't conform to these guidelines. The primary reason for this is simple. A proper password is generally so complex that most people can't remember it without writing it down. However, a strong password doesn't have to be hard to remember though — just hard for someone else to guess. To help get you started here are some tips for constructing a strong, yet easily remembered password.
Numbers for letters — Some numbers bear a strong resemblance to letters and vice versa. For example, the number "1" looks a lot like the letter "l" or "I". Substituting a look-alike number for a letter ensures your password won't be looked up in an online dictionary. The numeral "5" looks like "S," "2" can look like "Z," and "3" can resemble an "E."
Substitute special characters for letters or numbers — Concurrently, you can try substituting a "$" sign for a capital S, an "!" for a lower case l or upper case I. You could even use the symbolic version of a word. For instance, use a "$" for the word "dollar," "&" for "and," and "@" for "at" or vice versa.
Splitting Words — A simple word or phrase with some sort of significance to you can be a good starting point. You can then "split" the word with a number or special character. For example, I watch a show called "The War at Home." A good password based on this would be "War@H0m3".
Favorite Movie or Quote — Take a favorite song, movie or quote. Remove the first letter of each word, up to eight words. Throw away the rest. Example: Star Wars: The Empire Strikes Back, Episode 5. This could be "SWt3$be5".
Foreign Language — For those of you fortunate enough to know two languages, try mixing two words from different languages. (Can't really help you here, but get creative.)
As an added precaution, Microsoft recommends you change your passwords every 90 days. A server can be configured to prompt you when your network password is about to expire and will prompt you to change it when the time comes. In most cases, you'll have up to 14 days to make the change. Hint: Whenever possible, try to reset passwords on a Monday. This will give you the rest of the week to dedicate them to memory.
Please remember, building strong passwords helps you protect both business and personal data from unauthorized access, and passwords are meaningless if you write them down and leave them somewhere easily accessible by others.
I cannot over emphasize the importance of this enough. Proper password creation and management isn't as daunting a task as you might think. Whenever you need to create a password just remember these three simple rules.
