
Aniar IT Services Blog

Are You Practicing Good Password Hygiene?

Passwords are not a modern invention by any stretch, but as we have dealt with them for so long, there are a lot of bad habits that many people have adopted. That’s why we felt that it was appropriate for us to call out some of these habits and discuss some better options for you to adopt.

How Hygienic are Your Passwords?

With so many of us relying on so many passwords every day, poor password hygiene can often seem to be a foregone conclusion. Think about your own passwords, right now, and see how they compare to this list of inherently insecure patterns that many people develop:

  • Personal details, like your name or birthday
  • Names of friends, family, or most infamously, your pets
  • Commonly used words (like “password” or a favorite sports team)
  • Simple keyboard patterns (like “12345” or “qwerty”)
  • Repeated login credentials (like username: David1973, password: David1973)
  • Passwords that are as short as possible

Now, before you zip away and try to figure out new passwords for all of the accounts that have these kinds of passwords protecting them, let’s take a few more moments to figure out how to actually come up with ones that will be secure.

To begin, let’s consider some “best practices” that should no longer be described as “best.”

Some Less-than-Best Practices

According to NIST (also known as the National Institute of Standards and Technology), the following practices aren’t all that effective any longer when it comes to secure password creation.

  • Alphanumeric Switching: So, we all (should) know that something like “password” isn’t nearly secure enough to be used as a password. As a result, many users would use “p455wO2d” instead, changing letters to numerals and occasionally playing fast and loose with their capitalization. While this isn’t always a bad strategy, starting from such a common password still leaves the result far less secure than it needs to be.
  • Length Requirements: It’s likely that you have encountered this as well, as a program has kicked back your chosen password while announcing that “it is too short/long for its eight-to-ten character limit.” According to NIST, these antiquated requirements literally short-change security, as longer passwords or passphrases are more difficult to crack but easier to remember than the short jumbles of random characters.
  • Banning Cut and Paste: For some reason, many username and password fields don’t allow content to be cut and pasted into them, almost as if the prospect of typing out someone’s account details will stop a hacker in their tracks. This also makes the use of password managers, a hugely useful tool in maintaining good password practices, less available. So long as they are used properly, password managers should always be encouraged, as they enable a user to store and use multiple passwords while only really remembering one.
  • Password Hints: We’ve all been asked to set hints for our passwords before, just in case we forget them. You know the ones: “Where did you graduate from high school?” or “What was your first pet’s name?” The trouble with these questions is simple: our online habits make this kind of information easy enough to find online, especially with social media encouraging us to share pictures of our pets, or announcing that we’re attending the “Educational Institution’s Class of Whatever Year’s Something-th Reunion.” Instead of relying on these hints, combine multiple forms of authentication to both offer additional means of confirming your identity and better secure your account.
  • Frequent Password Changes: Considering how many passwords we're all supposed to remember, it only makes sense that users would fight back against frequent password updates by changing only a single detail of a password and calling it changed. For instance, let’s return to David1973 for a moment. If this user were forced to change his password too often, it is likely that he would resort to simply adding an easy-to-remember (and easy-to-guess) detail. Maybe this is the fifth time that David1973 has been told to change his password, so while his password started as “David1973,” it progressed to “2David1973” to “3David1973” and so on to “5David1973.” Of course, we aren’t arguing that passwords should never be changed, but make sure that these changes aren’t actually counterproductive.
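The insecure patterns and the less-than-best practices listed above can be checked mechanically when a password is set. The following Python sketch is an added example, not code from the original article; the blocklist, the minimum length, the substitution table and all function names are assumptions made for illustration.

```python
import re

# Constructed sample blocklist (assumption); a real check would load a large
# list of common and breached passwords.
COMMON_WORDS = {"password", "qwerty", "letmein", "liverpool"}
KEY_ROWS = ("1234567890", "qwertyuiop", "asdfghjkl", "zxcvbnm")
# Reverse character swaps so "p455wO2d" compares as "password".
# The 2 -> r mapping follows the article's own example.
SWAPS = str.maketrans("01234578@$!", "oireastbasi")
MIN_LENGTH = 8  # assumed floor, not a value from the article

def normalize(text):
    """Lowercase the text and undo common character substitutions."""
    return text.lower().translate(SWAPS)

def has_keyboard_run(password, run_len=5):
    """True if run_len adjacent keys of one row appear, in either direction."""
    low = password.lower()
    for row in KEY_ROWS:
        for i in range(len(row) - run_len + 1):
            chunk = row[i:i + run_len]
            if chunk in low or chunk[::-1] in low:
                return True
    return False

def strip_counter(password):
    """Drop leading/trailing digits: "2David1973" and "3David1973" -> "david"."""
    return re.sub(r"^\d+|\d+$", "", password.lower())

def check_password(password, username="", personal=(), previous=()):
    """Return the weak patterns (from the lists above) that a candidate matches."""
    reasons = []
    norm = normalize(password)
    if len(password) < MIN_LENGTH:
        reasons.append("too short")
    if username and password.lower() == username.lower():
        reasons.append("same as username")
    if any(p and normalize(p) in norm for p in personal):
        reasons.append("contains personal detail")
    if any(word in norm for word in COMMON_WORDS):
        reasons.append("contains common word")
    if has_keyboard_run(password):
        reasons.append("keyboard pattern")
    core = strip_counter(password)
    if core and any(core == strip_counter(old) for old in previous):
        reasons.append("minor variation of previous password")
    return reasons
```

An empty list means none of these patterns matched; it does not by itself mean the password is strong.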

How to Create a Secure Password

Rather than using a password, per se, we recommend that you instead use a passphrase. Let’s use a quote by author Elbert Hubbard as our example: “Positive anything is better than negative nothing.” 

Of course, this is a mouthful to type, in a manner of speaking, so it might make sense to use some alphanumeric switching to help abbreviate it into a complex phrase that is still easy to remember.

Doing so, “positiveanythingisbetterthannegativenothing” becomes “p0$!tiV3NE+hg>-tiV3_+hg”.

Then, if you use this password as the master access code for a password manager, the rest of your passwords/passphrases could then be randomly generated, increasing your overall security even further. To make your password manager even more secure, you should really devise your own complex phrase, rather than steal one from an author.

You never know, some enterprising cybercriminal might be a big fan of Hubbard’s works, too.

For more advice and assistance to help you make your passwords and accounts as secure as possible, reach out to Aniar IT Services by calling 094 90 48200 today!
