The internet has come on leaps and bounds in the past few
years and, as such, more and more people are using it as a way to run their daily
lives. Social networking is now a prominent way of communicating with friends,
colleagues and family, whilst online shopping is now more popular than ever,
along with banking and other such services.
The average person may have around 30 user accounts set up
on various websites, and each of these accounts would require a username and
password. Additionally, more and more people are working from home or accessing
their email and corporate data whilst on the move on devices such as smart
phones and tablets. It is therefore more important than ever to employ a strict
and robust password policy wherever possible: as the internet becomes ever more
popular, so does the threat of cybercrime.
Here are some tips for improving your password policies:
Don't use the same password for every account
Whilst it would be impossible to have a different password
for every online account, and remember all of them, it is also important to
note that if you do use only one and then someone gets hold of it, they would
have access to everything you do online, be it banking, social network sites or
email. There are systems out there which help manage passwords such as LastPass,
an online password manager which encrypts all your passwords for you, so all
you have to remember is your LastPass account password.
Change your password regularly
For the same reasons as above, it is also important to
change your password on a regular basis. Most corporate IT networks enforce
password changes on average about every 90 days or so. This can be done using
server group policies; however, domestic users would need to rely on either their
own memory or reminders they set for themselves.
Don't use standard letters
A common mistake when setting a password is choosing
something and then making it all lower case letters of the alphabet. It is
important to make the password as random and complex as possible. Therefore
using a mixture of capital letters, lower case letters, numbers and special
characters is always advisable. A good tip is to use a word, but then
substitute some of the letters for numbers which look like letters. A number ‘1’
for example could be used for the letter ‘L’ or ‘I’. The number ‘4’ could also
be used in place of the letter ‘A’, and so on.
Use a line from a song
Many people prefer to use short, memorable passwords with a mixture
of capital letters, numbers and characters that don’t take long to enter, whereas
some prefer longer passwords which are often simpler to type. One school of
thought is that a really good password would be to take an entire line from a
song and then just make one of the letters into a number, usually the last or
first, thus making it easy to enter and quite memorable. Here is an example
taken from The Beatles classic ‘Hey Jude’: 5oletitoutandletitinheyjudebegin.
You will see that the first character is a ‘5’ instead of an ‘S’ and that the
rest of the password is simply the rest of the line from the song. These types
of passwords are very hard to hack.
Don't use the obvious
A common mistake many people make is using things like their
pet’s name, date of birth, children’s names, house address etc. as their
password. Having a password like this should be avoided at all costs, as should
standard words from the English dictionary.
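The tips above, turned into a check that could run whenever a password is chosen. This is an added example, not code from the original article; the word list, the 20-character passphrase threshold and the sample details are assumptions, and it goes one step beyond the text by reading look-alike digits back as letters when it looks for personal details.

```python
import string

# Constructed sample word list standing in for an English dictionary.
DICTIONARY = {"password", "welcome", "sunshine", "football", "dragon"}
# Look-alike pairs from the article: '1' for L or I, '4' for A, '5' for S.
FOLD = str.maketrans("lias", "1145")
PASSPHRASE_LEN = 20  # assumption: at least this long counts as a song line


def fold(text):
    """Lower-case the text and fold each letter onto its look-alike digit."""
    return text.lower().translate(FOLD)


def check_password(password, personal_details=(), passwords_in_use=()):
    """Return the tips from the article that this password breaks.

    passwords_in_use is assumed to be the user's other current passwords,
    for example as held in a password manager's vault.
    """
    problems = []
    if password in passwords_in_use:
        problems.append("reused")
    if len(password) < PASSPHRASE_LEN:
        # Short passwords need capitals, lower case, numbers and specials.
        classes = (string.ascii_lowercase, string.ascii_uppercase,
                   string.digits, string.punctuation)
        if not all(any(c in cls for c in password) for cls in classes):
            problems.append("character mix")
    # Compare folded forms so 'Be1l4' is still recognised as 'Bella'.
    folded = fold(password)
    if any(len(d) >= 3 and fold(d) in folded for d in personal_details):
        problems.append("obvious")
    if password.lower() in DICTIONARY:
        problems.append("dictionary word")
    return problems


if __name__ == "__main__":
    details = ["Bella", "14051985"]   # constructed pet name and date of birth
    in_use = ["Gr33n&Kettle9"]        # constructed password of another account
    for pw in ["sunshine", "Be1l4!2024", "Gr33n&Kettle9",
               "5oletitoutandletitinheyjudebegin"]:
        print(pw, "->", check_password(pw, details, in_use) or "ok")
```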
In summary, we would advise everyone to have a good think
about what the implications would be if a criminal got hold of their passwords.
In some cases it may not be that serious, but in others it could be
devastating.
If you found this article useful then please feel free to
share it with others, or if you have any password tips yourself, then why not
let us know and we will include them in a follow-up article.
Talking of using several standard words to create a strong password, there's a great xkcd comic strip... http://xkcd.com/936/