Your Passwords Are Like Flowers - They Too Should Grow with Time
Creating strong passwords that are hacker-resistant is critical to maintaining company data and personal information both online and on-site. As a critical, crucial component to maintaining the ultimate set of computer security, it is vital to develop strong passwords for every individual account on the company server, in the cloud, or online.
Passwords are often the weakest link in any online or server security system. With the advancement of password deciphering tools available to nearly anyone, breaches in security can happen within hours. Many times, cyber-attackers will use password-deciphering software from any one of three approaches including dictionary attacks, intelligent guessing, and the automated software programming that builds every possible character and number combination.
What to Avoid
Developing a poorly constructed password is identical to leaving the house key to the front door under the doormat. Like the thief standing on the front porch, hackers make the most of typical human behavior, and often look in the obvious place for the key (password) into the user's belongings. Without the need to use any other tools except gaining knowledge of the user's personal, basic information including the names of their children, birth dates, names of pets, and special dates they can quickly develop a long list of potential passwords.
In determining how to design a quality password, it is critical to know what to avoid. These include:
- No Personal Information – It is imperative to never use personal information when building a strong password. Any familiar birthdate, name, or event will be very easy for a hacker to decipher almost immediately. Additionally, avoid using descriptions of anything around your office desk that might provide a "shoulder surfer" the opportunity to guess what your password might be, including pictures of pets and family members.
- No Dictionary Words – Because every hacker deciphering passwords uses dictionary software to generate combinations of words and numbers, it is imperative to never use dictionary words. Any real words in your password can be deciphered within seconds.
- Well-Known Phrases – Many people choose to create a passphrase instead of a password. While the results are more complex than using a single word or two, well-known phrases from books, movies, speeches, etc., can quickly be deciphered.
Password Management Tools
An easy way to remember and store complex passwords in a secure environment is to use an available password management tool. Software tools have the ability to maintain a long list of usernames and complex (mind-bending) passwords. Through encryption, they can fill in the username plus the associated password (passphrase) information automatically in the office, online, in the cloud, and in applications, both on a PC (Mac) and mobile environment.
What to Do
There are specific ways to generate a well-designed password or passphrase that is difficult to decipher, but easy to remember. They include:
- Use Different Characters – Users can create more complex passwords by using various character types including "%", "~", "+", along with lowercase and uppercase letters, and a combination of numbers.
- Make Phrases More Complex – Complex passwords can be created by using a short phrase or a long name, and utilizing the first letter of each word in a phrase. The phrase "The new millennium began in the year 2000," can instantly be transformed into "Tnmbity2000", as a password that is easy to remember.
- Mix-up Passwords – Every online and on-site account that requires a username for a login should have an individual, unique password. Anytime a hacker gains access into one account the user has, they can gain quick access into all of them, if the same password is used. Highly secured passwords should be developed for gaining access into bank accounts, and financial sites including credit card companies.
- Develop Stronger Password Policies – The IT departments of many businesses, organizations and companies can develop better enforcement through strong developed password policies. Pre-conditions can be set so the computer that will not accept any password that does not follow the pre-determined minimum requirements of creating a new password.
Tighter security in gaining access to online and on-site accounts has never been more crucial in maintaining the integrity of the company's critical data. Employees, when allowed to use their own devices, will often choose a password that is extremely simple to generate and easy to remember. As a way to circumvent the problem, it is critical to teach them how to create better, more complex passwords and/or passphrases.
With a little preplanning, and basic understanding, anyone can learn how to develop a complex, but easy to remember, password or passphrase. By strengthening the password of each account, every user will reinforce the company's security while safeguarding critical and confidential data from online and on-site hackers eager to gain access into accounts without permission.