Password Complexity

Passwords have become part of our daily lives. We use them to secure access to our email, shopping sites, bank accounts, and nearly every form of electronic information. We want to remember the passwords we need, but there are so many. To further complicate life, every system has specific requirements to meet when creating a new password. When you consider all the passwords we have, it's no wonder that some people reuse an old password, make only incremental changes to new ones, or use words from the dictionary. These are risky practices and need to be improved. A password's security resides in its length and complexity.

According to “How secure is my password”, a website used to test password security, a ten-character password using only upper and lower case letters and two numbers can be cracked in seven months by a hacker using a typical computer. Changing one character to a symbol increases the time needed to determine the password to five years. However, using symbols can make the password more challenging to remember.
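To see why one added symbol matters, the following added example (not from the original article or the website it cites) estimates the exhaustive-search keyspace of a password from its length and the character classes it uses. The sample passwords `Sunshine42` and `Sun$hine42` are constructed for illustration, and the model assumes an attacker who tries every combination, so it does not reproduce that site's time estimates.

```python
import math
import string

# Character pools an exhaustive search has to cover, one per class.
# Assumption: printable ASCII only; other characters are ignored.
POOLS = {
    "lower": string.ascii_lowercase,       # 26
    "upper": string.ascii_uppercase,       # 26
    "digit": string.digits,                # 10
    "symbol": string.punctuation + " ",    # 32 + space = 33
}

def classes_used(password):
    """Return the set of character classes that appear in the password."""
    return {name for name, chars in POOLS.items()
            if any(c in chars for c in password)}

def pool_size(password):
    """Size of the alphabet an attacker must search for these classes."""
    return sum(len(POOLS[name]) for name in classes_used(password))

def keyspace_bits(password):
    """log2 of the number of candidates: length * log2(pool size).

    This is an upper bound that holds only if the characters were chosen
    at random; dictionary words and predictable patterns fall far sooner.
    """
    size = pool_size(password)
    return len(password) * math.log2(size) if size else 0.0

def relative_effort(weaker, stronger):
    """How many times more guesses 'stronger' needs than 'weaker'."""
    return 2 ** (keyspace_bits(stronger) - keyspace_bits(weaker))

if __name__ == "__main__":
    # Constructed samples: ten characters, letters plus two digits,
    # then the same password with one letter swapped for a symbol.
    for pw in ("Sunshine42", "Sun$hine42", "J&Jw^th2fap0w"):
        print(f"{pw!r}: pool={pool_size(pw)}, bits={keyspace_bits(pw):.1f}")
    print(f"effort ratio: {relative_effort('Sunshine42', 'Sun$hine42'):.0f}x")
```

Adding a symbol widens the pool from 62 to 95 characters for every position, and adding length multiplies the keyspace by the pool size for each extra character.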

Recently we had JSCM, our security consultant, conduct a security assessment of our IT systems. In their report, they recommended implementing a solution that enforces the use of more complex passwords. We will be deploying a solution that will increase the security of our network by requiring more complicated passwords. We recognize that this will be challenging for some employees. So, we have a recommendation to help you create secure passwords that you can remember.

Character substitutes

Using numbers or symbols in place of letters is a great way to increase a password's complexity. Here are some examples:

A = @
B = 8
c = (
E = #
g = 6
I = !
L = 7

Passphrases

Using a passphrase is a great way to increase the length of your password while still remembering what you used. What is a passphrase? It's a quote or scripture used to create a password. For example, take part of an age-old nursery rhyme, "Jack and Jill went up the hill to fetch a pail of water." From it we get the following password: J&Jw^th2fap0w. In this example, I created the password by using the first letter of each word and substituting some letters with numbers or symbols. Another possible password is J@ck & J!ll1. These are great passwords!

As we increase the complexity of our passwords, we will be decreasing how often passwords will have to be changed. We plan to complete the rollout of the password complexity enforcer by the end of the third quarter. Meanwhile, we recommend you start using password phrases when changing your passwords.
