5. Password policy

Nov. 15th, 2016 02:24 pm
cybersecurity: (Default)
Passwords are the keys to our online lives. With our passwords, people can read our email, post on our social media accounts, see our banking data... and lock us out of our own accounts. So it's important to treat them with great care. But how? Here are a few hints on a good password policy.
  • Do not reuse passwords, ever. Reusing passwords means that breaking into one of your accounts also compromises others. At the very least, add some letters that differ for each site.

  • Switch to two-factor authentication wherever you can.

  • Do not keep the same passwords forever. It's good practice to change them every year, especially the important ones.

  • Do not use passwords such as your date of birth, partner's first name, or pet's name. People can find those easily by looking at social media or even talking to you or your friends.

  • Do not rely too much on often-used substitutions of letters by numbers. A zero instead of the letter o is not exactly hard to guess.

  • If you have trouble remembering your passwords, use a password manager. Read more about that here.

  • It's not a horrible solution to write important passwords down, as long as you make sure you're not leaving them in places where others can find them.

  • An option could be to create them in the form of fake 'people', stored in an address book (either digital or physical), whose made-up names help you remember what they belong to, and whose address or telephone numbers are the password. If you saw 'Amalia 035-3445899' written down in my little black book, would you think that was a password hint for my Amazon password? It's not, but it could have been.

  • Another way to make a decent password that's easy to remember is to make a sentence that's meaningful to you, and use the first letters of each word to form your password. For example: the sentence 'My old aunt Emmy has 3 pretty cute Greyhounds' stands for the password MoaEh3pcG but is a lot easier to remember, especially if you use it for your account on the website where you buy your dog food, or the social network where your aunt always posts pictures of her dogs.

  • If it's allowed, you could also use four (or more) random words that you can easily remember by drawing a picture of them in your mind, instead of a hard to remember and much shorter 'normal' password. Let XKCD guide you here (just do not reuse his example).
Further reading on good password practices:
Cnet
HowToGeek



Go back to the index of Cybersecurity for the Trumped.
Back to Index


Tags:

About

cybersecurity: (Default)
cybersecurity

Most Popular Tags

Links

Feeds

RSS Atom

Hello!

I'm from the Internet and I'm here to help. Please feel free to comment, and to ask questions.


Powered by Dreamwidth Studios