Passwords are used at work and in personal life, and tracking all of them can be challenging. But they only work if they are complex and confidential – many instances of hacked passwords have occurred because of non-secure and inadequate passwords. Here are some tips from the Cybersecurity & Infrastructure Security Agency to help.
HOW TO CHOOSE GOOD PASSWORDS
Avoid common mistakes: Most people use passwords that are based on personal information and are easy to remember. However, that also makes it easier for an attacker to crack them. Consider a four-digit PIN. Is yours a combination of the month, day, or year of your birthday? Does it contain your address or phone number? Think about how easy it is to find someone’s birthday or similar information.
A good method is to rely on a series of words and use memory techniques, or mnemonics, to help you remember how to decode it. For example, instead of the password “hoops,” use “IlTpbb” for “[I] [l]ike [T]o [p]lay [b]asket[b]all.” Using both lowercase and capital letters adds another layer of obscurity. Changing the same example used above to “Il!2pBb.” creates a password very different from any dictionary word.
Length and complexity: According to the National Institute of Standards and Technology, you should consider using the longest password or passphrase permissible (8–64 characters) when you can. For example, “Pattern2baseball#4mYmiemale!” would be a strong password because it has 28 characters and includes uppercase and lowercase letters, numbers, and special characters. You may need to try different variations of a passphrase; for example, some applications limit the length of passwords and some do not accept spaces or certain special characters. Avoid common phrases, famous quotations, and song lyrics.
Dos and don’ts
Once you’ve come up with a strong, memorable password it’s tempting to reuse it—don’t! Reusing a password, even a strong one, endangers your accounts just as much as using a weak password. If attackers guess your password, they would have access to your other accounts with the same password.
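A self-check that applies the warnings above (personal-information PINs, length, reuse) to a single PIN or password. This is an added example, not part of the original article or CISA's guidance; the birthday, phone number and function names are constructed for illustration.

```python
import re
from datetime import date
from itertools import permutations

MIN_LEN, MAX_LEN = 8, 64  # length range the article quotes from NIST

# Constructed sample data, not a real person's details.
BIRTHDAY = date(1990, 7, 4)
PHONE = "555-0142"


def birthday_pins(birthday: date) -> set[str]:
    """Four-digit PINs that combine the month, day or year of a birthday."""
    parts = [f"{birthday.month:02d}", f"{birthday.day:02d}",
             f"{birthday.year % 100:02d}"]
    pins = {a + b for a, b in permutations(parts, 2)}  # e.g. MMDD, DDMM, MMYY
    pins.add(f"{birthday.year:04d}")                   # the full year, YYYY
    return pins


def audit(secret: str, birthday: date, phone: str = "",
          other_secrets: tuple[str, ...] = ()) -> list[str]:
    """Return the article's warnings that apply to one PIN or password."""
    findings = []
    if re.fullmatch(r"\d{4}", secret):
        # Four-digit PIN: compare against easily discovered personal data.
        if secret in birthday_pins(birthday):
            findings.append("PIN is a combination of birthday month, day or year")
        if secret in re.sub(r"\D", "", phone):
            findings.append("PIN appears in phone number")
    elif len(secret) < MIN_LEN:
        findings.append(f"shorter than {MIN_LEN} characters")
    elif len(secret) > MAX_LEN:
        findings.append(f"longer than {MAX_LEN} characters")
    if secret in other_secrets:
        # A strong password reused elsewhere is still flagged.
        findings.append("reused on another account")
    return findings
```

For the sample birthday, only seven of the 10,000 possible four-digit PINs are built from the date, which is why such PINs are easy to guess.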
Use the following techniques to develop unique passwords for each of your accounts:
HOW TO PROTECT YOUR PASSWORDS
After choosing a password that’s easy to remember but difficult for others to guess, do not write it down and leave it someplace where others can find it.
Programs called password managers offer the option to create randomly generated passwords for all of your accounts. You then access those strong passwords with a primary password. If you use a password manager, remember to use a strong primary password.
Password problems can stem from your web browser’s ability to save passwords and your online sessions in memory. Depending on your web browser’s settings, anyone with access to your computer may be able to discover all of your passwords and gain access to your information. Always remember to log out when you are using a public computer (at the library, an internet cafe, or even a shared computer at your office). Avoid using public computers and public Wi-Fi to access sensitive accounts such as banking and email.
There’s no guarantee that these techniques will prevent an attacker from learning your password, but they will make it more difficult.
Source: Cybersecurity & Infrastructure Security Agency