Password Best Practices

Last week, I spent the better part of a day changing all my passwords for my computer and all my other web accounts. This is something you should do semi-regularly for optimal security, especially now that more and more information is accessible online. I say should because  I haven’t changed my passwords in over 5 years! So after going through all this I decided I would share some of my best practices and tips for passwords so yo can keep you digital information safe.

Password Requirements:

The first thing you need to do when coming up with a password, is to determine how long you want the password to be. Most sites require a 6-8 character password, but I would recommend making a longer password for extra security and to be future proof since, longer passwords will most likely be required in the future.  You also may want to use a longer for more sensitive information, such as banking to protect the more private information. Strong passwords don’t use words, or phrases but instead, are comprised of random characters. Many times, sites require capital letters, lowercase letters and numbers. Some sites also require use of special characters  ($, &,@, etc) but some sites don’t allow them so if you use the same password on multiple sites, you might have trouble using certain characters depending on the site. In order to have the strongest password, you should include all the previously mentioned characters (Capital letters, lowercase letters, numbers and symbols) but as I already said symbols can get tricky because not all sites use all the symbols, so you may want to avoid them.

Creating A Strong Password

Once you know how long you want your password to be and the types of characters you want to include, there are several ways to generate a password. When I changed my passwords, I used PCTools.com’s Password Generator I like it not only because it let me choose which types of characters I want to include and in the same sense, not include, but it also will generate multiple passwords at once. I generated 50 potential passwords and then took parts of some passwords to make my password. This will provide ore security than just copy and pasting a password from the generator, and also allows me to use characters or segments that are easy for me to remember. Generators are the easiest way of making a new, strong password and although there are other ways of making secure passwords using algorithms, which is what I was going to try and do, but this is just so quick, easy and secure.

Password Managers

I’m sure that most people don’t have as many accounts as I do, but even for the average person, it is not easy to remember all the accounts you have registered for and ultimately need to change the password of.  Password managers can make this much easier, as long as you keep it up-to-date. There are applications that manage all your password, the most popular application is a free and open source program called KeePass, Mac OSX also has a password manager called Keychain built-in to the operating system and I believe integrates with Safari. Speaking of browsers,  every modern browser allows you save you passwords within the browser, but even with a master password, it isn’t very secure. My favorite password management solution is LastPass, which is what I use for all my passwords. It’s a browser extension that will sync your passwords to the cloud, encrypted and is protected by a master password. LastPass synchronizes your passwords between multiple computers and if you pay $1 per month you can use an app it on your smartphone to access your passwords as well. LastPass has a extension for all major browsers and an app for every major phone platform, even WebOS and Windows Phone. The browser plugin also has a built-in password generator that will generate a new, strong password and automatically put it in the form. The other huge advantage of using any password manager is that it makes sure you don’t forget to change the password for any of your accounts.
Tips:

  • If you have to write your password(s) down (which you really should never do), hide the paper is written on. (Don’t hide it under the keyboard or tape it to your monitor)
  • Try and Change Passwords at least once a year, more frequently for more security.
  • When Changing passwords, many sites will have a meter to show how strong your password is, use that before changing your password to make sure you have a strong password

One comment

  1. […] did this in about 5 years! I plan to now change them much more frequently from now on and wrote an article about some password best practices that I came across when changing all my passwords. I wrote a […]

Leave a Reply

Your email address will not be published. Required fields are marked *

*

 

Bad Behavior has blocked 521 access attempts in the last 7 days.