Jul 17

Using Secure Passwords

These days it is common to hear about websites or services being infiltrated and user account information stolen. When this happens it is not enough to simply change your password on that one system that was hacked, but on every service which you use that same password. For this reason it is far better to use different secure passwords on each website & service whenever possible.

What is a secure password?

A simple password is an easy to remember word or phrase like monkey. The problem is that it is an extremely easy password to hack using simple infiltration techniques (such as brute force attacks). A secure password is a password which is difficult or impossible to hack using commonly known techniques. An example of a secure password would be M0nk3y!34. You’ll notice the “o” in the word Monkey is replaced by the number zero, and the “e” is replaced with the number three.

How to select a secure password

Simple passwords can generally be guessed by understanding a few details about a user, or by using a dictionary attack. It is highly recommended that “strong passwords” be enforced whenever possible.

  • Password should be changed every 30-60 days with a new password at least 8 characters long. Longer passwords are generally more secure, so the longer the better.
  • New passwords should be new to you, and not like any of the previous several passwords used. Incrementing a number or letter at the end of your password is a bad idea since it is predictable.  If someone figures out you are changing your password from summer1 to summer2, and then to summer3, it is not hard to see that your next password change is going to be summer4.  Random password generators can be used to create even more secure passwords by using completely random characters.
  • Passwords should also contain at least 3 of the following:
  1. Uppercase Letters
  2. Lowercase Letters
  3. Numbers
  4. Extended Characters (ex: $,%,*,!)

Permanent link to this article: http://www.baystatetechnology.com/using-secure-passwords/