Passwords: Change is good

Most people are creatures of habit. We get up at the same time each day. We take the same route to and from work. We have certain activities that we do on certain days. To put it bluntly, we are predictable. From a security standpoint, predictability is a bad thing. It gives the bad guys an edge because, in most cases, they are more aware of your habits than you are.

NEMT IT Magician Andrew Clarke

Today I want to talk to you about predictability as it relates to passwords. They’re those things you use every day to access information, both business and personal. The problem is that “they’re so hard to remember.” Sound familiar? Because they are so hard to remember, many people use the same password for everything. Are you starting to see the problem? If the bad guy gets your one password it’s like losing your wallet. Actually, it’s worse since there is probably a lot more tied to your password.

At this point, you might be saying that you use multiple passwords so you’re safe. That brings me to predictability trap number two: passwords that are easy to guess. Since you have to remember it (you’re always told not to write your password down) most people pick common things like pets’ names, kids’ names, birthdays, anniversaries, etc. This information can be easily guessed or obtained from your Facebook page.

Now you might be wondering what you’re supposed to do. This all sounds like a catch-22. The good news is that there is an easy way to select passwords that would be very difficult to guess but are easy to remember. First, a few rules to make your password more secure:

  • Your password should not contain any words that appear in the dictionary.
  • Your password should not be all numeric – way too easy to get with a computer.
  • Your password should be mixed case – both upper and lower case letters.
  • Your password should be a combination of numbers and letters if possible.
  • Your password should contain at least one special character (!@#$%) if allowed.
  • Your password should be changed fairly regularly (do what makes sense).
  • Your password should be different for each account (again what makes sense).

Now here’s the secret: Come up with a sentence that you can easily remember and turn it into a password by using the first letter of each word. For example:

Sentence: My incredibly handsome cat loves to eat his tuna.

Password: Mihclteht or M1hcl2eht (numbers in place of some letters)

This password makes no sense, so a computer would not be able to easily guess it. If you want to use special characters, the “i” can be replaced with “!” and the “2” can be replaced with “@”. Use your imagination, and be more secure.
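The sentence trick and the rules above can be checked mechanically. The following is an added example, not part of the original post: the function names `mnemonic` and `unmet_rules`, the tiny `SAMPLE_WORDS` list (a constructed stand-in for a real dictionary) and the `Fluffy2010` sample are assumptions made for illustration.

```python
import re

# Constructed stand-in for a real dictionary file (assumption of this example).
SAMPLE_WORDS = {"password", "tuna", "handsome", "fluffy", "summer"}

def mnemonic(sentence, subs=None):
    """First letter of each word, with optional substitutions by word position."""
    letters = [w[0] for w in re.findall(r"[A-Za-z0-9']+", sentence)]
    for pos, ch in (subs or {}).items():
        letters[pos] = ch
    return "".join(letters)

def unmet_rules(password, words=SAMPLE_WORDS, min_word_len=4):
    """Return which of the post's composition rules the password does not meet."""
    unmet = []
    lowered = password.lower()
    # Substring match, so a word hidden inside a longer string is still caught.
    if any(len(w) >= min_word_len and w in lowered for w in words):
        unmet.append("contains a dictionary word")
    if password.isdigit():
        unmet.append("all numeric")
    if not (any(c.isupper() for c in password) and any(c.islower() for c in password)):
        unmet.append("not mixed case")
    if not (any(c.isdigit() for c in password) and any(c.isalpha() for c in password)):
        unmet.append("no mix of numbers and letters")
    if not any(not c.isalnum() for c in password):
        unmet.append("no special character")
    return unmet

SENTENCE = "My incredibly handsome cat loves to eat his tuna."

if __name__ == "__main__":
    candidates = [
        mnemonic(SENTENCE),                    # plain first letters
        mnemonic(SENTENCE, {1: "1", 5: "2"}),  # numbers for "i" and "to"
        mnemonic(SENTENCE, {1: "!", 5: "@"}),  # special characters instead
        mnemonic(SENTENCE, {1: "1", 5: "@"}),  # one number, one special character
        "Fluffy2010",                          # constructed pet-name-plus-year sample
    ]
    for pw in candidates:
        print(pw, unmet_rules(pw) or "meets all listed rules")
```

Swapping both numbers for special characters removes the digits again, so keeping one of each is what satisfies every rule in the list.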


This entry was posted in HIPAA, IT.

One Response to Passwords: Change is good

  1. Enivaldo says:

    I’ve seen similar restrictions but still consider the security sufficient if a) you have some random login number that you write down b) your account gets blocked after 3 tries. If the login number was your account number it could be used for denial of service, so I prefer a random number. Of course someone could still steal your hashed password from the bank and brute-force it, which is easier for a simple password. But then this is not much easier than installing a trojan, staging a man-in-the-middle attack or sniffing your password by other means.
