A favorite hacking technique among cybercriminals is simply to discover and use existing passwords. Weak or easy-to-guess passwords can be cracked in minutes using software, and stored passwords left unencrypted can easily be mined if the wrong person gains access to your computer or desk. As a small business owner, you must protect your interests not only by creating robust passwords, but also by managing those passwords safely. Let’s explore a few proven principles for creating and managing passwords effectively and safely.
Three Rules to Create an Unbreakable Password
Kevan Lee of Buffer talks about the anatomy of a password that is nearly impossible to crack. In effect, such a password should employ all three of the following rules:
1. It should be a minimum of 12 characters. (The longer the better.)
2. It should avoid commonly used words like names, places or dictionary words.
3. It should include variations in capitalization, punctuation, spelling and numbers.
The idea behind these rules is to create a sequence of letters, numbers and symbols that appears as random as possible. Hackers bank on the idea that people will create passwords using familiar words to make them easy to remember, which is why they utilize dictionaries to help them crack passwords. They have even begun picking up on common substitutions like $ for “s” and @ for “a”. Thus, the more random your sequence, the more difficult it will be to break.
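The three rules above, and the reason common substitutions like $ and @ do not help, can be checked mechanically. This Python example is added here and is not from the original article; the wordlist is a small constructed sample, and the function names and the substitution table are assumptions made for illustration.

```python
import re

# Constructed sample wordlist; a real check would load a large dictionary
# plus lists of names, places and previously leaked passwords.
SAMPLE_WORDS = {"password", "sunshine", "dragon", "london", "michael", "welcome"}

# Common look-alike substitutions, mapped back to the letters they stand for
# (illustrative table, not exhaustive).
SUBSTITUTIONS = str.maketrans({"$": "s", "@": "a", "0": "o", "1": "l",
                               "3": "e", "4": "a", "5": "s", "7": "t", "!": "i"})

def normalize(password):
    """Lower-case the password and undo common symbol-for-letter swaps."""
    return password.lower().translate(SUBSTITUTIONS)

def find_dictionary_words(password, words=SAMPLE_WORDS):
    """Return listed words found in the password, before or after undoing swaps."""
    candidates = (password.lower(), normalize(password))
    return sorted(w for w in words if any(w in c for c in candidates))

def check_password(password, words=SAMPLE_WORDS):
    """Return a list of rule violations; an empty list means all three rules pass."""
    problems = []
    # Rule 1: minimum of 12 characters.
    if len(password) < 12:
        problems.append("shorter than 12 characters")
    # Rule 2: no commonly used words, even when disguised by substitutions.
    hits = find_dictionary_words(password, words)
    if hits:
        problems.append("contains common word(s): " + ", ".join(hits))
    # Rule 3: variation in capitalization, punctuation and numbers.
    classes = [r"[a-z]", r"[A-Z]", r"[0-9]", r"[^A-Za-z0-9]"]
    missing = sum(1 for c in classes if not re.search(c, password))
    if missing:
        problems.append("missing %d of 4 character types" % missing)
    return problems

if __name__ == "__main__":
    for candidate in ("sunshine", "P@$$w0rd2024!", "H!my23bdiNW!"):
        print(candidate, "->", check_password(candidate) or "passes all three rules")
```

A password such as "P@$$w0rd2024!" is long and mixes character types, yet still fails because undoing the substitutions reveals a dictionary word.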
How to Create Difficult Passwords You Can Actually Memorize
Of course, the more complex the password, the more difficult it is to remember. You can compensate for this challenge by using one of a number of memory techniques in creating your password. A couple of examples:
- Take a sentence and turn it into a password. Security expert Bruce Schneier has recommended this method for years. For example, “Hooray! My 23rd birthday is next week!” could be turned into “H!my23bdiNW!”
- PAO method (Person-Action-Object). As Scientific American explains, try thinking of a memorable person, a random action and a random object, create a “story” using all three (e.g., “Bill Gates swallows a bike on a baseball field”), then use that story to generate a number of different passwords derived from it. (Examples: “BGsaB1k3oaBF” or “BGATswabikoAbf?”)
Never Reuse a Password
If a hacker cracks a password for your account, the first thing he will do is try the password on a different account. If you make the mistake of using the same password on all accounts, a headache could quickly escalate into a catastrophe.
Use a Password Manager
If the thought of creating and remembering so many complicated passwords intimidates you (as well it might), consider using a password manager like LastPass or Dashlane. The idea is to manage and store all your passwords in one secure location accessed by a single password. Not only does this mean you only have to remember one password instead of dozens—you can even use a random password generator to create new passwords for your accounts without ever worrying whether you will remember them.
NetServ is committed to helping small businesses keep their online activities safe and secure. To learn more about effective password management, call 1-877-NetServ today.