Five Tips for Choosing Strong Passwords
2017 was a big year for cyber-attacks and 2018 is shaping up to be the same. Businesses around the world were targets of cyber adversaries who stole credit card numbers, took down websites, and obtained the personal information of millions of consumers.
These attacks sent companies scrambling to explain how their data was stolen, compromised, or lost. We learned that some basic, commonsense guidelines about user names and passwords weren’t followed by businesses that should have known better than to use the combination “admin/admin” or other simple-to-guess passwords.
You can start implementing more effective security than some of the world’s biggest companies if you follow some simple advice about creating strong passwords.
And before you complain about how hard it is to remember different passwords for all your different logins, ask yourself how hard it will be if an adversary steals your identity, banking information, or other data because someone guessed that you used your dog’s name, birthday, or address as a password. (By the way, don’t use those.)
Here are five simple tips to create strong passwords that will help protect your vital accounts:
- Use a combination of uppercase and lowercase letters, numbers, and symbols
- Make your passwords at least 15 characters long
- Use a bizarre combination of words that only you would remember, or the first letters of a phrase that’s meaningful to you
- Substitute numbers or symbols for letters in words or phrases
- Consider using a password vault product that will generate random strong passwords for every site you visit – then, you only need to remember one password to unlock the vault
I have a colleague who used the words to Queen’s song “Bohemian Rhapsody” as a way to create password phrases. Consider the line “I see a little silhouetto of a man, Scaramouche Scaramouche can you do the fandango?” This created a password that looked like 1s4LS0ams2cudtf?. That looks pretty random! But the user can just sing the lyrics and remember it easily. A song, a movie quote, a phrase that you’ll remember – these are all great ways to create a complex password that will stop the adversary.
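The measurable parts of the tips above (length, character mix, no personal details) can be checked automatically, and a vault-style random password can be generated to meet them. The following Python is an added example, not part of the original article; the function names and the personal terms passed in are assumptions made for illustration.

```python
import secrets
import string

MIN_LENGTH = 15               # "at least 15 characters long" (tip 2)
SYMBOLS = string.punctuation  # assumption: ASCII punctuation counts as "symbols"


def check_password(password, personal_terms=()):
    """Return a list of problems; an empty list means the checks pass.

    personal_terms: details an attacker could guess (pet name, birthday,
    address). Matched case-insensitively anywhere in the password.
    """
    problems = []
    if len(password) < MIN_LENGTH:
        problems.append("shorter than 15 characters")
    # Tip 1: uppercase and lowercase letters, numbers, and symbols.
    classes = {
        "uppercase letter": any(c.isupper() for c in password),
        "lowercase letter": any(c.islower() for c in password),
        "number": any(c.isdigit() for c in password),
        "symbol": any(c in SYMBOLS for c in password),
    }
    for name, present in classes.items():
        if not present:
            problems.append(f"no {name}")
    lowered = password.lower()
    for term in personal_terms:
        if term and term.lower() in lowered:
            problems.append(f"contains personal detail: {term}")
    return problems


def generate_password(length=20):
    """Random password of the kind a vault product generates (tip 5).

    Uses the OS CSPRNG via `secrets` and retries until every character
    class is present, so the result always passes check_password().
    """
    if length < MIN_LENGTH:
        raise ValueError("length must be at least 15")
    alphabet = string.ascii_letters + string.digits + SYMBOLS
    while True:
        candidate = "".join(secrets.choice(alphabet) for _ in range(length))
        if not check_password(candidate):
            return candidate
```

These checks cover only what can be counted; they cannot tell whether a phrase is one that "only you would remember".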
Most people have upwards of ten passwords, and some have over one hundred. For people who need multiple passwords, remembering just one would be easier, but such a shortcut is also dangerous. Creating a different password for each account is not as hard as you might think, and the importance of choosing a unique and complex combination of letters, numbers, and symbols cannot be emphasized enough.
Any experienced security expert will tell you that weak passwords used on multiple sites are partly to blame for online security breaches, so your safety depends on generating a strong password for each different account.
Dr. Eric Cole is CEO of Secure Anchor, former CTO of McAfee and Lockheed Martin, member of the Commission on Cyber Security for President Obama, the security advisor for Bill Gates and his family, and author of a new book, Online Danger: How to Protect Yourself and Your Loved Ones From the Evil Side of the Internet. For more information, please visit www.onlinedanger.com and connect with Dr. Cole on Twitter, @drericcole.