Gary writes, "I’ve heard that you’re supposed to have a good password to keep hackers from breaking into your account, but how do I know what a secure password is? I know I shouldn’t use something dumb like 123abc but I don’t think I can remember a bunch of random letters and numbers. What would you recommend?"
First of all, there are different guidelines for home users and work users. Here are some password security basics for home users:
- Never share a computer account.
- Never use the same password for more than one account.
- Never tell a password to anyone, including people who claim to be from customer service or security.
- Never email your password to anyone.
- Be sure to log off or lock your screen before leaving a computer unattended.
- Change your password whenever you think that it may have been compromised.
- Don't use guessable passwords: this includes your spouse’s name, your kid’s name, your pet’s name, and of course your name.
A perfect password would be made up entirely of random letters, numbers, and special characters, be as long as possible, and not be used anywhere else. Unfortunately, this is not humanly possible unless you use something like LastPass. LastPass is a password management app that suggests complicated, secure passwords for any website or application, and it remembers all of them for you.
Here is another easy way to create strong, secure passwords: instead of using random letters and numbers, use a long string of separate words. For instance, something like "OrangeShrimpOrphanSingers."
You can separate each word with a number to make the password alphanumeric. Try not to make the words related to each other because that will make them easier to guess. But you will likely find four words easier to remember than eight or 10 random characters, and because the password is longer, it is actually tougher to crack.
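An added example, not part of the original column, of the word-based approach above: it picks words with a cryptographically secure random source, joins them with digits, and estimates the result's strength in bits so it can be compared with eight or 10 random characters. The word list is a small constructed sample, the function names are hypothetical, and the estimate only holds when the words are chosen at random rather than by a person.

```python
import math
import secrets

# Constructed sample list, far too small for real use: each word adds
# log2(len(words)) bits, so a real list should hold thousands of words.
SAMPLE_WORDS = [
    "orange", "shrimp", "orphan", "singers", "velvet", "anchor", "pickle", "tunnel",
    "cactus", "marble", "walrus", "lantern", "gravel", "pigeon", "saddle", "thimble",
    "copper", "bramble", "trumpet", "noodle", "harbor", "mitten", "quartz", "ferret",
    "biscuit", "canyon", "paddle", "sprocket", "turnip", "lagoon", "hammock", "waffle",
]

def make_passphrase(words, count=4):
    """Join `count` randomly chosen words, separated by random digits."""
    if len(set(words)) != len(words):
        raise ValueError("word list contains duplicates")
    # secrets draws from the OS CSPRNG; random.choice is predictable.
    parts = [secrets.choice(words).capitalize()]
    for _ in range(count - 1):
        parts.append(str(secrets.randbelow(10)))
        parts.append(secrets.choice(words).capitalize())
    return "".join(parts)

def passphrase_bits(list_size, count=4, digit_separators=True):
    """Entropy in bits when every word and digit is picked uniformly at random."""
    bits = count * math.log2(list_size)
    if digit_separators:
        bits += (count - 1) * math.log2(10)
    return bits

def random_string_bits(length, alphabet_size=94):
    """Entropy of a random string over the 94 printable ASCII characters."""
    return length * math.log2(alphabet_size)

if __name__ == "__main__":
    print(make_passphrase(SAMPLE_WORDS))
    # 7776 is the size of a common dice-based word list (an assumption here).
    for label, bits in [
        ("4 words, 32-word sample list", passphrase_bits(len(SAMPLE_WORDS))),
        ("4 words, 7776-word list", passphrase_bits(7776)),
        ("8 random characters", random_string_bits(8)),
        ("10 random characters", random_string_bits(10)),
    ]:
        print(f"{label:30s} {bits:5.1f} bits")
```

A passphrase's strength comes from how many words each slot could have held, not from its character count, which is why the 32-word sample scores far below eight random characters.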
Oh, and you know how you’ve always been told not to write down passwords? Nah, go ahead, write them down on a piece of paper and lock them in your file cabinet. Look at it this way: if someone is in your house reading that piece of paper, you’ve got bigger problems. In addition to stealing your passwords, they’re probably also stealing your checkbook, your TV and the lunch meat out of your fridge.
Now, for business users, each corporation has its own policies, so even if the policy is not optimal, you have to follow it. If your company allows it, consider using LastPass.
Unlike what we said about home users, work users should never write down their passwords. There are too many people walking by your office or cubicle, and that means a lot of opportunities for casual password grabbing.
Also, never use a password for a business account that you also use for your personal accounts, because if your private information is compromised, then your corporate information will be as well.