Password Guidelines

We use passwords every day. They are used to secure all types of data, from our personal financial information to our shopping and email accounts to the data we work with at the office. When we use weak passwords, like 123456 or ‘password’, the two most commonly used passwords, or any word in the dictionary, we make ourselves vulnerable to hackers and identity theft. Weak passwords are easily cracked by hackers. Using strong, unique passwords is a simple step that mitigates the potential of being hacked. The more layers of security implemented, the more secure your information will be.

Tips to use:

Below are a few tips and tricks you can use when creating or changing a password. Also included are some elements to avoid using to increase the strength of your passwords.

Use an acronym you create from a sentence, a favorite quote, or phrase. These are referred to as passphrases. Here is an example of a password, using Jack and Jill went up the hill to fetch a pale of water to create a password, J&Jw^th2f@poW ()
Use a minimum of 8 alpha-numeric characters and symbols
Use a combination of characters
1. Upper-case letters
2. Lower-case letters
3. Numbers
4. Symbols (Examples: ! @ # $ % ^ & * ( ) ~ ` < > ? : " { } | [ ] \ ; ' , . / )
Use similar characters in place of each other
1. Replace the O in octopus with the number 0
2. Use an upper-case letter in place of a lower-case letter
3. Substitute a letter (S) with a symbol ($)
Update your passwords regularly

Some things to Avoid

Any word you can find in the dictionary
Limit the use of repeating characters
Keyboard patterns
Single character type, such as all lower-case, upper-case, or all numbers
Using the same password for multiple applications, websites, or systems.
Never share your password
Never write down your password
Using passwords used as an example

I hope this information is helpful. Remember, the passwords we use are often the only thing keeping a hacker or unauthorized user from accessing our banking, credit card, or other sensitive information, unless you are using Multi-Factor (MFA) or Two Factor Authentication (2FA). To learn more about MFA, please read the article in this newsletter about that technology.

As always, if you have any questions, concerns, or need assistance, please let one of the IT staff members know. We are happy to assist you in any way we can.

Password must contain a minimum of 8 characters.
Password must contain at least one lowercase character.
Password must contain at least one uppercase character.
Password must contain at least one numeric character.
Password must contain at least one non-alphanumeric character.

References:

https://mediatemple.net/community/products/dv/204644370/strong-password-guidelines https://www.digicert.com/blog/3-reasons-for-strong-password-policy/https://www.webarxsecurity.com/website-hacking-statistics-2018-february/https://hostingtribunal.com/blog/hacking-statistics/

Chris Glase

VP of Information Technology

This email address is being protected from spambots. You need JavaScript enabled to view it.

Print Article

Download Newsletter

You may also be interested in...

Email Security

Phishing; you need to be aware

A fraudulent attempt to get sensitive and or personal information by acting like a trustworthy source

Phishing is one of the most popular ways in which to compromise a person or an organizations data and can lead to additional harm to both. Organizations have been victimized by a wide range of threats and exploits, most notably phishing attacks...

MFA Security

Multi-Factor Authentication and why it’s so Important

A process of verification in which access to a computer system is allowed only after presenting two or more pieces of evidence

Multi-Factor Authentication (MFA) is a security system that verifies a user’s identity by requiring multiple credentials. It is a critical component of identity and access management (IAM). Rather than just asking for a username and password, MFA...