Password123

16 07/16/15 Comments Leave your thoughts

Password: 123456

I’ve had the password conversation with so many people:

“What is a good password, how many different passwords should I have, how should I store my passwords?”

password isn’t a good password, neither is password123. Usually when I answer these questions people tend to respond with “yeah, yeah I get it.” No one wants to jump through the hoops it takes to be secure, it can be costly, time consuming and frustrating. No one wants to do it, until they get hacked.

As end users we have to put some amount of trust into the system we are using. We trust they don’t just have a flood gate to our info, they aren’t sharing our password, and hopefully they are storing the passwords in a secure manner. But that doesn’t mean we should assume bad guys will do the same. As an end user the username and password is our lock into the system, sure there are other ways in, but this is our gate and “YOU SHALL NOT PASS!”

So, how can we do our best to prevent unwanted access?

Your password minimum length should be around 12 characters. It should include symbols, numbers, lowercase and uppercase letters. I personally use a minimum of 25 characters for my passwords. Something like: dIve7Flu3WDqZCWWatrb$KzD* which is crazy hard to remember right? But that one will take around 89.14 trillion trillion centuries to hack, assuming one hundred trillion guesses per second.

You should have one password per account. Let me repeat that, 1 password per acount. If your WordPress account is hacked and your password is stolen who cares, create a new one, secure the site and move on. But if that same password is used for your bank, using the same email. Things just got real! Using one password per account helps insulate you from this catastrophic breach.

Now you have to remember one password for every website, and you have to remember passwords like:

  • u*TLzGn9JTHMoDesO7Kt0ace&
  • IRL@2DJ$ZmM*UE5@jl5gdT83r
  • r3wMsN8#5V07V%#*31F3lEl3N

Impossible! You are correct. I don’t know most, if any, of my passwords. I use a password management tool. There are many of them out there like Lastpass, Keepass and 1Password. They are a secure way to store, and generate all your passwords.

I’m no security expert, but the password management tools have been vetted by them. I wouldn’t recommend them if I didn’t use them myself. These are some of the best ways right now you can help prevent your sites from being hacked, passwords lost, and other data stolen due to lost passwords.

 

For a more detailed dive check out this site: https://www.grc.com/haystack.htm


Tags: ,

Categorized in:

About Joe Kratzat
I'm a passionate software developer with diverse technical abilities such as networking, support and development, using a wide range of development technologies, tools and practices. Basically I love to explore and learn new things.

See All Posts By Joe