Open Sesame! Passwords have existed in one form or another since ancient times. Once used to keep evildoers out of encampments, they now protect our data and identities from modern-day criminals. Apps, online accounts, ATMs, and really cool secret restaurants all require passwords, and with good reason.

With data breaches continuously making headlines, creating a secure password and keeping it safe should be top-of-mind for everyone. In this post, we’ll share tips from IT professionals about how to manage your passwords.

65eed5fd6adc52ed940f76b91d507693b43aecb09b6133e0b7e3f01947e5144a

Gandalf had the right idea.

The More You Know – Tips from the Pros

OpenDNS customers are in the trenches everyday, keeping their users safe from online threats, and possibly the occasional PEBCAK. We asked them for their best suggestions for keeping users secure – and password education topped the list:

“Write down passwords (or use a password manager). I would rather my users write down a secure password than memorize an insecure one they use in multiple places.” – Jerry Gamblin, Security Specialist

When you get down to it, humans simply cannot remember truly secure passwords. No matter how good your memory is, a string like ~0Dn5.1$4w3S0m3! is too complex – especially when you consider how many passwords you type in on a daily basis. The value of a password is based on how difficult it is to crack, not how easy it is to remember.

“Use a different password for each site.” – Janet Kowal, Head of Computer Services/Reference Librarian

Herein lies the true value of a password manager. When you type in several passwords on a daily basis, the fact is, each one of those passwords should be unique. Why? If an attacker gains access to your password anywhere, they now have access to every other account you own. Don’t make it easy for criminals to access your information.

“Use 1Password! Randomly generated passwords across hundreds of sites!” – Phil Havens, SysAdmin

If physically writing passwords isn’t your thing, a password manager can do the work for you. 1Password, Dashlane, and LastPass are all examples of password managers, which you can use to create and store secure passwords, so that “forgot your password?” will be a thing of the past.

“Set up a Windows password. Most home users and many small businesses do not use passwords. The computer just boots up into a default account with no password on it that has full administrator privileges.” – Matthew Wilson, Technology Consultant

When thinking about security, many people focus only on what happens online or in apps – they overlook securing a machine or smartphone with a lock password. None of the password safeguards matter if an attacker gains access to your physical device.

“Passwords are like toothbrushes – don’t share them!” – Andrew Hay, Senior Security Research Lead and Evangelist, OpenDNS

There is no reason to share your passwords with anyone, no matter who they are, or why they’re asking. Always enter your passwords yourself. “Loose lips sink ships,” as they say.

So what makes a password secure?

It’s more than just adding a capital letter and some numbers.  Here’s a few examples to avoid, collected by SplashData:

WorstPasswords-2013

You know better than that, right? The strongest passwords are lengthy, impersonal, and make use of various characters. Here are a few basic tips:

  • Don’t use dictionary words.
  • Don’t use personal information that attackers could easily access or guess, for example, a telephone number or family name.
  • Don’t be afraid to go long – the longer your password, the better.
  • Don’t be afraid to use various characters. Make it weird – and in doing so – harder to crack.

Conclusion

You’ve read this blog – what’s next? Hopefully, you have set up a password manager, and you have unique, complex passwords for each site you visit. While you shouldn’t share your passwords, you should share this information with everyone you know. Passwords are universal – good password practice isn’t.

 

This post is categorized in: