If you think about it, password security is an interesting phenomenon. The odds are that a user knows the importance of using a strong password, as well as the potential consequences of using weak ones. Yet, time after time, people would rather go with passwords that are easy to type and remember, as opposed to adding a few simple security measures.
According to an annual compilation list published by Splashdata, the worst passwords of 2017 were “password” and “123456”. These two security nightmares have been in the #1 and #2 positions, respectively, since at least 2010 - when Splashdata released their first survey. “12345678”, “qwerty” and “12345” round out the top five. The highest ranking newcomer on the list was “starwars”, which debuted at #16. You can find the rest of the 100 Worst Passwords of 2017 here.
A quick Google search of ‘best practices’ for creating a secure password will reveal that there is no shortage of experts and publications that have their own recommendations and guidelines. The following tips were adapted from the guidelines recommended by the United States Computer Emergency Readiness Team, or US-CERT. (Note: US-CERT is an entity of the Department of Homeland Security (DHS) that was created specifically for the safety and security of the Internet and to protect against cybersecurity threats.)
Many times, a password will have to meet the security requirements of a specific site or application. Do your best to keep these tips in mind when developing your password.
- Use different passwords on different systems and accounts.
- Don't use passwords that are based on personal information that can be easily accessed or guessed.
- Use a combination of capital and lowercase letters, numbers, and special characters.
- Don't use words that can be found in any dictionary of any language.
- Develop mnemonics (or spoken memory tricks) such as passphrases for remembering complex passwords.
- Consider using a password manager program to keep track of your passwords.
One more thing that Strata Information Technology would like to point out is that businesses should never underestimate the importance of stressing Internet security best practices - including password safety - to their employees. Do you have any password or security tips that you’d like to share? Sound off in the comments below.