With everyone worried about security these days, Friendly Computers found some helpful tips for the next time you need to create a password:
Imagine a world where keys are not necessary. You could walk out the front door and not having to lock it, get into your open car and drive to the bank. At the bank you could open your safety deposit box and take what you needed.
Doing all this without the hindrance of keeping track of keys and operating locks would seem to be the height of efficiency. Society as a whole has decided that the risk is far too high to let any passerby enter your home, take your car or empty your safety deposit box.
We all must make our judgments about how to address the risks we encounter in life. In this article I will discuss passwords (electronic keys) and how to ensure they create the desired effect of securing systems and data.
My first suggestion is to use a strong password. You can do this by choosing passwords that are not easily guessable (family birthdates, pet names, favorite cars, dictionary words, etc.) and are reasonably long. Simple length (in characters) is easier to remember and creates more complexity than using a lot of numbers, upper and lower case letters and special characters (punctuation and other symbols).
A security expert that worked for the National Security Agency for many years once told me that 14 characters was a good minimum. This may sound very long but “wasagoodminimum” is 15 characters and much easier to remember than “G4_0df!.” I encourage everyone as much as possible to grow the length of the passwords they are using for sensitive information.
A second thought is to keep your password private by not sharing them with anyone else, changing as frequently as possible and necessary (based on employee turnover, the sensitivity of your data). If you suspect that anyone has discovered your password, immediately change it (in windows you can hit CTRL+ALT+DEL and hit the “change password” button).
Other ways that people often compromise their passwords are by using the same one on insecure sites and by that action disclosing the password to untrustworthy personnel, or by writing down passwords and leaving them in easily findable locations.
When you walk away from your computer for an extended period of time, it is wise to “Lock” it (Windows key + L) or logoff because otherwise anyone walking by can operate your computer with your credentials. If your password must be written down make sure it is stored in a secure location (safe or safety deposit box).
Finally, a good password is one component of information security and should not be the only step that is taken. Please invest in good antivirus software, antispyware software, backup solutions, web content filtering and patch management practices.
There are ways that malware (viruses, worms, spyware, etc.) can be written to capture even the best password while it is being entered so please be careful and budget for all the pieces necessary to maintain a safe computer. For home PC users there are free versions of a variety of security solutions that can be used, but businesses should make the investments to purchase the best options to protect themselves.
