The Importance of Strong Passwords


A couple of weeks ago, I was teaching a class on Cyber Security. I always talk about the requirement of using strong passwords. Here is the slide I use:

The most common answer to “Which is a more secure password?” is the second password, which is correct, to a point. Yes, it is a much more complicated password, but you will not be able to remember it, so you will write it down. The first password is complicated, harder to hack, and easier to remember.

During my presentation, there were several questions about passwords and password management options. This is why I thought it was worth addressing this topic again.

Complexity is the enemy of security

Creating and using strong passwords is one easy way to help prevent bad people from accessing your accounts. Bad guys collect passwords in many ways, such as by malware that scans the system and monitors Internet usage for usernames and passwords. Dictionary attacks are also used to guess passwords from a list of common ones. Most email systems are tough to attack with dictionary attacks because they won’t let you attempt login after login while trying different credentials.

The best defense is to use a good security suite and to keep it updated. These will make it much harder for malware to get on your system or to run unimpeded if it does. Most of them also detect and block phishing attempts.

However, you still want to have strong passwords. There are places where weak passwords can be compromised, such as the login for your PC. Now, very few people, including the experts, do all the things experts tell them to do in this regard. After all, it’s inconvenient.

Here are some guidelines for choosing a secure password:

  • The longer, the better: At least eight characters.
  • Mix upper and lower case, punctuation, and numerals.
  • Avoid passwords that are words in a dictionary, especially common words.
  • Also, avoid common passwords like “12345.” You’d be amazed how many people use passwords like these.
  • Avoid reusing passwords, especially those for critical resources like your email, on other sites. Doing this exposes you to a broader compromise than necessary.
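
The guidelines above expressed as a check, as an added example that is not from the original article. The function name `check_password` and the tiny word lists are constructed for illustration; a real check would load a large common-password list and a full dictionary.

```python
import string

# Constructed sample lists for illustration only.
COMMON_PASSWORDS = {"12345", "123456", "password", "qwerty", "letmein"}
DICTIONARY_WORDS = {"sunshine", "football", "security", "welcome", "dragon"}


def check_password(candidate, passwords_in_use=()):
    """Return the list of guidelines the candidate password breaks.

    passwords_in_use is assumed to be the caller's own passwords for other
    accounts (for example, entries exported from a password manager).
    """
    problems = []
    lowered = candidate.lower()

    # Guideline: at least eight characters.
    if len(candidate) < 8:
        problems.append("shorter than eight characters")

    # Guideline: mix upper and lower case, punctuation, and numerals.
    missing = [
        name
        for name, present in (
            ("upper case", any(c.isupper() for c in candidate)),
            ("lower case", any(c.islower() for c in candidate)),
            ("numerals", any(c.isdigit() for c in candidate)),
            ("punctuation", any(c in string.punctuation for c in candidate)),
        )
        if not present
    ]
    if missing:
        problems.append("missing " + ", ".join(missing))

    # Guideline: avoid dictionary words. Digits and punctuation are stripped
    # from both ends so that "Sunshine1!" is still caught.
    core = lowered.strip(string.digits + string.punctuation)
    if lowered in DICTIONARY_WORDS or core in DICTIONARY_WORDS:
        problems.append("based on a dictionary word")

    # Guideline: avoid common passwords like "12345".
    if lowered in COMMON_PASSWORDS:
        problems.append("on the common-password list")

    # Guideline: avoid reusing a password across accounts.
    if candidate in passwords_in_use:
        problems.append("already used for another account")

    return problems
```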

Even with these suggestions, please don’t make your passwords so complicated that you can’t remember them. Most of us don’t have the memory bandwidth to deal with a large number of obscure passwords.

An excellent next step is to use a password management program, such as Roboform or the open-source Password Safe. I have personally used Roboform for many years and recommend you try it out. There are several other very good password management options you should also explore. These programs let you auto-generate strong passwords, and they remember them for you; you only need to remember a master password.

More detailed information about Roboform is available here.

What do you use for password management in your office?


One thought on “The Importance of Strong Passwords”

  1. We use RoboForm, have for many years, highly recommend it! As for the complicated password, it shouldn’t be random letters, numbers and symbols, it should be associated with a phrase that you won’t forget. Let’s use the old phrase, “Trick or treat, Smell my feet, Give me something good to eat.” You could recite that in password form as T0t~m()GmsG2e; you might need to think about it for a couple days. When thinking the phrase, emphasize the words that use capital letters. Pretty soon you’ll just recite the phrase in your head and your fingers will type the proper password. Have two different password phrases to remember, one for your device and one for RoboForm, then let all the rest be randomly generated and handled by RoboForm.