When it comes to your online accounts, passwords can be the weakest link in security. Creating a unique password can be difficult for most users, but it is extremely necessary as passwords can be easily cracked if they are missing key components.
Currently a PC can generate 16,036,446.65 keystrokes per second, which makes password cracking simple. The shorter your password, the easier it is to crack.
Here are some quick tips for better password security:
- A 20-character all lower-case password is more secure than an 8-character password with caps and symbols.
- Break up words with numbers/symbols (e.g. Comp1ex*S3cur1ty).
- Add abbreviations at the beginning or the end of a generally used password to maintain security and uniqueness for websites. Use abbreviations that make sense to you.
(e.g. for Facebook: fbookComp1ex*S3cur1ty --- for Twitter: Comp1ex*S3cur1tyTweet#)
- Turn sentences, sayings, book titles, lyrics, etc., into passwords.
Use emphasis on certain words to remember capitalization, and if needed break apart words by replacing characters with symbols or numbers.
(For example, Harry Potter and the Order of the Phoenix becomes HP&tOotP
If you combine this with the year of the book and and your favorite character, you now have an extremely hard password to crack:
- Do not use the same password for multiple sites.
- Use a password manager to help you keep your accounts secure. Using a password manager allows you to keep your passwords complex and unique for every site you use, while also keeping your data safe and accessible. Try LastPass, 1Password, or Dashline
- Don't sticky note it! Studies show that people still sticky note passwords near their workstation. Don't leave your passwords lying around!
- Always Use Two-Factor Authentication (when available)
Protect your account from access, even when your account's password has been compromised. Two-factor authentication sends you a text message or email with a code that, when entered, confirms the new device login actually belongs to you!
Contact us today at firstname.lastname@example.org for more information on our Security Awareness Training!