Open Sesame! Passwords have existed in one form or another since ancient times. Once used to keep evildoers out of encampments, they now protect our data and identities from modern-day criminals. Apps, online accounts, ATMs, and really cool secret restaurants all require passwords, and with good reason.
With data breaches continuously making headlines, creating a secure password and keeping it safe should be top-of-mind for everyone. In this post, we’ll share tips from IT professionals about how to manage your passwords.
The More You Know – Tips from the Pros
OpenDNS customers are in the trenches everyday, keeping their users safe from online threats, and possibly the occasional PEBCAK. We asked them for their best suggestions for keeping users secure – and password education topped the list:
“Write down passwords (or use a password manager). I would rather my users write down a secure password than memorize an insecure one they use in multiple places.” – Jerry Gamblin, Security Specialist
When you get down to it, humans simply cannot remember truly secure passwords. No matter how good your memory is, a string like ~0Dn5.1$4w3S0m3! is too complex – especially when you consider how many passwords you type in on a daily basis. The value of a password is based on how difficult it is to crack, not how easy it is to remember.
“Use a different password for each site.” – Janet Kowal, Head of Computer Services/Reference Librarian
Herein lies the true value of a password manager. When you type in several passwords on a daily basis, the fact is, each one of those passwords should be unique. Why? If an attacker gains access to your password anywhere, they now have access to every other account you own. Don’t make it easy for criminals to access your information.
“Use 1Password! Randomly generated passwords across hundreds of sites!” – Phil Havens, SysAdmin
If physically writing passwords isn’t your thing, a password manager can do the work for you. 1Password, Dashlane, and LastPass are all examples of password managers, which you can use to create and store secure passwords, so that “forgot your password?” will be a thing of the past.
“Set up a Windows password. Most home users and many small businesses do not use passwords. The computer just boots up into a default account with no password on it that has full administrator privileges.” – Matthew Wilson, Technology Consultant
When thinking about security, many people focus only on what happens online or in apps – they overlook securing a machine or smartphone with a lock password. None of the password safeguards matter if an attacker gains access to your physical device.
“Passwords are like toothbrushes – don’t share them!” – Andrew Hay, Senior Security Research Lead and Evangelist, OpenDNS
There is no reason to share your passwords with anyone, no matter who they are, or why they’re asking. Always enter your passwords yourself. “Loose lips sink ships,” as they say.
So what makes a password secure?
It’s more than just adding a capital letter and some numbers. Here’s a few examples to avoid, collected by SplashData:
You know better than that, right? The strongest passwords are lengthy, impersonal, and make use of various characters. Here are a few basic tips:
- Don’t use dictionary words.
- Don’t use personal information that attackers could easily access or guess, for example, a telephone number or family name.
- Don’t be afraid to go long – the longer your password, the better.
- Don’t be afraid to use various characters. Make it weird – and in doing so – harder to crack.
You’ve read this blog – what’s next? Hopefully, you have set up a password manager, and you have unique, complex passwords for each site you visit. While you shouldn’t share your passwords, you should share this information with everyone you know. Passwords are universal – good password practice isn’t.