Project managers and engineers at technology management and computer services firms commonly wage a “battle of password policy” with the users and administration of the clients we serve. Information engineers must ensure the confidentiality and security of the technology infrastructure, which starts at the end user computer with a password. Most companies have a password policy, sometime dictated by a compliancy standard, other times an adopted standard with loose terms. However, a password requirement is only step number one.
Despite the nonsense of it, employees jotting down a password on a sticky note and attaching it to a monitor happens all the time. Here are things to consider from a leading Michigan computer services firm when it comes to secure passwords:
The Good:
1.People don’t fear passwords themselves, they fear remembering passwords. Many users consider this embarrassing or a failure on their part if it happens. As strong as this fear is, never write a password down.
2.Use uppercase and lowercase letters. They also can contain numbers, spaces or even special characters such as !@#$. With this in mind, try taking a password you can remember and converting it a bit to make it a bit more complex. Example: (current password) marissa- (new password) Mar1ss@. This increases the security of the password exponentially.
3.Consider longer passwords. Use at least six to eight characters. M@tild@ would be good, but L0vEM@tild@ is much better!
The Bad:
1.Do not use plain English words by themselves (anything in a dictionary), such as ‘dog’’. Consider something stronger such as i.e. ‘p22sswo44rd’.
2.Do not use easily retrievable information by itself, such as your birthday, date of hire, kid’s birthday, phone number…etc.
3.Do not make the password too short i.e. ‘bob’
4.Do not use common passwords for everything.
If you absolutely need assistance in remembering a password and must write something down, then do the following.
1.Jot a sentence on a post-it note. For example purposes we will use “My daughter is two years old.”
2.Now (mentally) take the second letter of each sentence: “yaswel”
3.Lastly, take your birth date, add it to the end: “yaswel22”
4.You can even capitalize it to make it more complex: “Yaswel22”
Using this example, all you have to remember is to use the second letter of each word and your birth date and not some obscure random password.
Finally, there are many choices for password management software nowadays which are much more reliable and secure than an excel spreadsheet or writing them all down on notepad paper.
