Good Password Policies

Picking a good password is the first line of defense in keeping your private data safe. Logging out or locking your computer whenever you step away from your desk, and especially before leaving for the evening, is a good start in protecting your sensitive data. The other half of the job is as simple as picking a good password.

Every day most of us use a password of some kind or another. Whether it is getting cash from an ATM with our PIN or using a keypad to get into the office, we are using passwords. Anyone who uses e-mail also has a password to log on to the mail server, whether it is POP-based e-mail or a web-based service such as Hotmail.

If you can’t pick your name, make sure you pick your password
Most companies issue usernames and passwords to their users so they can access the system; typically these are controlled by the IT department rather than by the user. With web-based applications such as webmail we can often choose our own username and password. In a corporate setting the IT department issues both, and while the username normally cannot be changed, the user can generally change the password from the system-generated one to something easier to remember. The first thing you should do when you are assigned a password is change it: a system-generated password has already passed through someone else's hands, or an unprotected channel, before it reached you.

Why should I worry?
The whole idea behind passwords is to make it as difficult as possible for an outsider to break into the system and steal or compromise important or confidential data. I have polled some clients: 15% said that they manage more than fifteen passwords to access their applications at work, at home and at the bank, but only 5% can easily remember that many. Don't pick an easy password just because you can remember it; keep your data safe from prying eyes.

Just the Basics

The password must never be the same as the username, or even a variation of it. For example, if your username is an e-mail address for John Smith, you must never use johnsmith or smithjohn as your password, nor any other rearrangement of the name.

Keep it Reasonable

The most secure password is one that is difficult to guess but NOT difficult to remember. There is no sense in creating a password that you need to write down; Post-it notes under the keyboard are really not that safe. Don't use the names of your children, the family pet or your favorite football team, or strings like 12345 or qwerty: these are the first things anyone guesses, and they appear in every cracker's word list. The ideal password is at least 8 characters long and alphanumeric, with perhaps 6 letters and 2 numbers, and uses a mixture of lower- and upper-case characters. Longer is better: each extra character does more for you than swapping a letter for a symbol.

5imp73 Ch4ng35 (Simple Changes)

If you really feel that you cannot remember a password without some sort of help, one option is to substitute numbers for letters in the same way that some car license plates appear to spell words. For instance, if your password was muscles1, you could change it to mu5c1e51: a 5 for an S, a 3 for an E, a 1 or a 7 for an L. Be clear about what this buys you. It hides the word from someone reading over your shoulder, but password-cracking tools apply these same substitutions to every dictionary word automatically, so mu5c1e51 is not meaningfully harder to crack than muscles1. Use the trick as a memory aid on top of a long password, not as a substitute for one.

Change is not always easy

Most organizations require their users to change their passwords periodically, at intervals anywhere from 30 to perhaps 180 days. The system must be set up so that it does not permit a user to step from, say, password1 to password2 to password3, and it must not allow the same password to be used more than once; both checks require the system to compare the new password against the previous ones, not only against the current one. Be aware that forced rotation is what produces the password1, password2, password3 habit in the first place, and current guidance (NIST SP 800-63B) is to require a change when a password is known or suspected to be compromised rather than on a fixed schedule.

The last Word in passWords

It is almost impossible to make any computer system totally secure with a username and password alone, but if you institute a good password policy and ensure it is rigorously enforced, you will have taken the first step toward reducing the risk of data loss.

If you want more information about keeping your data safe from prying eyes, or to get a copy of my IT Checklist, let me know; I have more information to share.