Since a large portion of our business today, both personal and professional, is conducted online, most of us have a list of passwords a mile long. While it is tempting to create the same memorable password for every account you hold, the results can be disastrous. It is important to remember that the purpose of a password is to protect you and your information against hackers and malicious software.
With the prevalence of hackers steadily on the rise, it only makes sense to safeguard yourself against such malign acts by generating strong passwords that are both easy to remember and difficult to guess. Many corporate websites require clients to create “strong” passwords using a set of standards outlined during password creation. Should you visit a site that has not issued a set of guidelines, it is important for facilities managers to remember what makes a password strong or weak and create one accordingly.
What Makes a Password Strong?
A strong password:
- Is at least eight characters long.
- Does not contain your user name, real name, or company name.
- Does not contain a complete word.
- Is unique to this account.
- Contains characters from each of the following four categories: uppercase letters, lowercase letters, numbers, and symbols.
When creating your unique password, remember that some might meet all the criteria defined above, yet still be considered a weak password. Let’s take a look at a few examples of weak passwords that might put you and your information at risk:
- Password - “Password” is the most commonly used password and should never be used. The word is easily guessed, and hackers using a dictionary attack program will have your information in no time. “Default” and “blank” are similarly weak.
- Marshal1974! - While this password uses 12 characters and meets all the guidelines above, names associated with your family, or the use of identifying information such as a birth year, are easily hacked.
- H3llo - Though this mixes capital and lower case letters with numbers, this password is too short, and the substitution of the number 3 for the letter E is widely used and easy to guess.
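The checklist and the three weak examples above, expressed as an added Python example (not part of the original article). The word lists, the substitution table and the function names are constructed for illustration; a real checker would load a full dictionary and a list of commonly used passwords.

```python
import re

# Constructed sample lists (assumptions): a real checker would load a full
# dictionary and a list of commonly used passwords.
COMMON = {"password", "default", "blank"}
WORDS = {"password", "default", "blank", "hello", "account"}
# Widely used character substitutions, e.g. 3 for e as in "H3llo"
LEET = str.maketrans("013457$@", "oleastsa")
CATEGORIES = (r"[A-Z]", r"[a-z]", r"[0-9]", r"[^A-Za-z0-9]")

def checklist_problems(pw, own_names=(), used_elsewhere=()):
    """Apply the strong-password checklist; return the rules that fail."""
    low, out = pw.lower(), []
    if len(pw) < 8:
        out.append("shorter than eight characters")
    if any(n.lower() in low for n in own_names if n):
        out.append("contains user, real or company name")
    if any(w in low for w in WORDS):
        out.append("contains a complete word")
    if pw in used_elsewhere:
        out.append("not unique to this account")
    if not all(re.search(c, pw) for c in CATEGORIES):
        out.append("missing one of the four character categories")
    return out

def weak_patterns(pw, family_names=()):
    """Patterns that make a password guessable even when the checklist passes."""
    low, out = pw.lower(), []
    plain = low.translate(LEET)  # undo common substitutions
    if low in COMMON or plain in COMMON:
        out.append("commonly used password")
    if any(n.lower() in low for n in family_names if n):
        out.append("contains a family name")
    if re.search(r"(19|20)\d\d", pw):
        out.append("contains what looks like a year")
    if plain != low and any(w in plain for w in WORDS):
        out.append("dictionary word behind a common substitution")
    return out

if __name__ == "__main__":
    for pw in ("Password", "Marshal1974!", "H3llo"):
        print(pw, checklist_problems(pw),
              weak_patterns(pw, family_names=("Marshal",)))
```
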
It is possible to generate a strong password that is easy to use, yet difficult to guess or hack. Try a few of these tricks and see what works best for you:
- Use a phrase that is meaningful to you, or that you associate with a particular website, and incorporate a shortcut code or acronym. For example: All4one&1forAll or 14A&A41dumaS for the phrase “one for all and all for one” from your favorite book, The Three Musketeers by Dumas.
- Incorporate common elements into each password, customizing them to specific sites. For example: Pwrd4Acct-$$ for your password to your bank account or ABT2-uz-AMZ! for your Amazon account. These passwords tell a story using your style and common elements, yet are customized to whatever site you are logging in to.
- Create words or phrases substituting numbers, symbols, and misspellings to create an easy-to-remember phrase. For example: My$un’s Brthd8iz 060105 for “My son's birthday is June 1, 2005.” (Most websites will allow you to use spaces in your password.)
- Play with your keyboard to create a memorable letter or shape. While the password may seem difficult on the surface, all you have to remember is to draw the letter “W” and you’re set!
Now that you’re ready to create your strong password, here are a few additional tips to consider for the next time you log in to a new website:
- SplashData, a password maintenance company out of California, creates an annual list of the worst/most used passwords. Check out our blog “Did Your Password Make The List Of 2013's Most Commonly Used?” to see if yours made the list.
- Never give your password to anyone. Ever. This goes for even your closest friends and family. You never know what might slip out unexpectedly.
- Never just use one password. While it sounds like a no-brainer, many of us fall into this trap. The truth is, you never know what employees are working on the other end who might pass the information along or try to use it on other websites.
- Make your password a minimum of 8 characters, preferably more. The longer your password, the more difficult it is for hackers to break in.
- Don’t use dictionary words, as they are easy to guess. In fact, hackers have developed software specifically designed to guess words from the dictionary. Create something unique by using more than one word and including symbols, numbers, and upper/lowercase letters.
- Don’t fall prey to “phishing” attacks. If you receive an email from an institution asking you to log in and change your password, verify its legitimacy before clicking the link. If you are unable to validate the email, consider typing in a verified URL before completing the requested actions.
- Consider a password manager such as LastPass or 1Password. These applications allow for storage and management of all your important passwords in one safe place. All information is encrypted and most available apps will allow you to sync between your desktop and smartphone. Use a password manager and you’ll never have to remember more than one password again.
Now that you have what it takes to create an unhackable (hopefully) password, how strong are your current passwords? Did you find any of them on the “Most Commonly Used” list? If so, protect yourself by updating those as soon as possible. Help safeguard your friends and family against a devastating attack by sharing this information… just don’t share your passwords or post them on your computer.