Wednesday, February 8, 2017

Security: Strong Passwords = Safer Data

Let's be honest, we have all been guilty of poor password practices at some point in time or another.  Maybe you have kept a notebook on your desk with all your passwords, used the same password for "everything", used a simple password (ex: Winter2017) or kept your password on a sticky note next to your monitor.  Unfortunately, all these practices set us up for having our passwords compromised or stolen, and in return put our data at risk.

There are many things we can do to increase our security when online, including avoiding phishing scams.  In this post, we are going to focus on what makes a strong password.

What do I need to make a strong password?
When creating a strong password, it's recommended that we...

  • Have at least 8 characters
  • Include upper and lower case letters
  • Include numbers
  • Include characters, like ~!@#$%^&*_-+=`|\(){}[]:;"'<>,.?/
  • Avoid using words found in the dictionary
  • Avoid using your username as part of your password
  • Avoid predictable passwords (ex: Winter17), your kid's name, your favorite sports team, anything that someone could easily find on social media, etc.
  • Avoid passwords that are in succession (Example: GrumpyCat1!, GrumpyCat2!, etc.)
  • Avoid using private information in your password, including your full name, date of birth, address, mother's maiden name, social security number, phone number, etc.
  • Change them at least every 6 months
In PPS, our passwords must...
  • Have at least 8 characters
  • Include 3 of these 4 character types
    • Uppercase letters
    • Lowercase letters
    • Numbers (0 through 9)
    • Characters ~!@#$%^&*_-+=`|\(){}[]:;"'<>,.?/
  • Avoid including usernames as part of your password
  • Avoid using words found in the dictionary
  • Avoid using the same password that you use for your personal accounts
  • Be changed every 90 days - avoiding passwords that have been previously used
  • Need to change your PPS password?  Follow these directions and you will be off and running.

So, let's play a game (courtesy of Common Sense Media)
I'll pretend to be Abraham Lincoln.  I need to create a password for my email account.  The first password I come up with was: HonestAbe.  Fortunately, I remembered that using a password that uses my name/nickname is not a good idea.  Lots of people would guess that.  So, I give it another try and come up with: 4score-7yrsGbA.  This password is much better.   I'll be able to remember it because Four Score and Seven Years Ago (4score-7yrs) was the beginning of my famous Gettysburg Address (GbA). Success!

Keep it Safe!
Now that you have created a strong password, protect it by not sharing it, using it in multiple locations, or keeping it in a location that is easily located.

Enjoy this Video on Creating Smart Passwords by ConnectSafely.org


No comments:

Post a Comment