According to the 2014 Verizon Data Breach Investigations Report, the use of stolen and/or misused credentials, such as user names and passwords, continues to be the top way for hackers to gain access to information. Below are some tips for creating strong passwords.
Contact SME for assistance in creating office policies and procedures for this as well as other Best Practices!
A Strong Password Should:
- Be at least 8 characters in length
- Contain both upper and lowercase alphabetic characters (e.g. A-Z, a-z)
- Have at least one numerical character (e.g. 0-9)
- Have at least one special character (e.g. ~ ! @ # $ % ^ & * ( ) - _ + =)
A Strong Password Should Not:
- Spell a word or series of words that can be found in a standard dictionary
- Spell a word with a number added to the beginning and/or the end
- Be based on any personal information such as family name, pet, birthday, etc.
- Be based on a keyboard pattern (e.g. qwerty) or duplicate characters (e.g. aabbccdd)
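The rules in the two lists above can be checked mechanically. The following Python sketch is an added example, not part of the original tips. The tiny word list, the four-key threshold for a keyboard pattern, and the "two doubled pairs in a row" reading of duplicate characters are assumptions chosen for illustration.

```python
import re

# Constructed stand-in for a "standard dictionary"; use a real word list in practice.
SAMPLE_WORDS = {"password", "summer", "dragon", "monkey", "let", "me", "in"}
KEY_ROWS = ("qwertyuiop", "asdfghjkl", "zxcvbnm", "1234567890")


def is_word_series(text, words):
    """True if text is one dictionary word or several run together."""
    reachable = [True] + [False] * len(text)
    for end in range(1, len(text) + 1):
        reachable[end] = any(
            reachable[start] and text[start:end] in words for start in range(end)
        )
    return bool(text) and reachable[-1]


def has_keyboard_run(text, run=4):
    """True if text contains `run` adjacent keys from one keyboard row."""
    return any(
        row[i:i + run] in text for row in KEY_ROWS for i in range(len(row) - run + 1)
    )


def check_password(password, words=SAMPLE_WORDS, personal=()):
    """Return the list of rules from the page that the password breaks."""
    lower = password.lower()
    problems = []
    if len(password) < 8:
        problems.append("shorter than 8 characters")
    if not (re.search(r"[A-Z]", password) and re.search(r"[a-z]", password)):
        problems.append("needs upper and lowercase letters")
    if not re.search(r"[0-9]", password):
        problems.append("needs a number")
    if not any(not c.isalnum() and not c.isspace() for c in password):
        problems.append("needs a special character")
    # Strip digits from both ends so "summer2014" is judged as "summer".
    if is_word_series(lower.strip("0123456789"), words):
        problems.append("dictionary word(s), possibly with numbers added")
    if any(item.lower() in lower for item in personal if item):
        problems.append("contains personal information")
    if has_keyboard_run(lower):
        problems.append("keyboard pattern")
    if re.search(r"(?:(.)\1){2,}", password):  # e.g. aabbccdd
        problems.append("duplicated characters")
    return problems
```

An empty list means the password passes every check; the `personal` argument takes names, pet names or dates that should not appear in it.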
Use a Passphrase or a Nonsensical Word:
- A passphrase could be a lyric from a song or a favorite quote. An example of a strong passphrase is “Superman is $uper str0ng!”. A nonsensical word can be built using the first letter from each word in a phrase (e.g. C$200wpG., which represents “Collect $200 when passing Go.”). These typically have additional benefits such as being longer and easier to remember.
The following are vital suggestions for using passwords:
- Do not share your password with anyone for any reason.
- Change your passwords periodically—at least every three months.
- Do not write your password down or store it in an insecure manner. Never store a password in an unencrypted electronic file or use the “save my password” feature on websites for important passwords.
- Do not use automatic logon functionality on websites or devices.
- Avoid reusing a password.
- Avoid using the same password for multiple accounts or sites.
- If you have an in-home Internet router, change the default password. Each router has a basic default username and password combination. Leaving this default in place makes it easier for hackers to break into your network.