How to Design a Better Password

Jennifer Noto Security Leave a Comment

If you are like most people, your current network password is the same one you’ve had for over a year. It’s the same one you use for many sites, and it’s not too complicated so you can remember it. There’s a good chance it’s even on this list of the top 25 most common passwords of 2016. If you get hacked, all of your accounts are at risk. You are a risk to your organization, and one compromised web server away from a huge financial headache. We can do better.

Here’s a quick primer on how to create a great password that you can remember without writing down.

  1. Pick a song, a phrase, Bible verse, or a mantra. For instance, I like Metallica, and the second stanza of their song “One” starts with: “Now that the war is through with me”. Pull the first letter from each word, it’s easy to remember, capitalize the first letter. (Nttwitwm). This becomes your “base”.
  2. Pick a symbol as a standard, and put one at the front and one at the end of the base. (*Nttwitwm*)
  3. Pick a number that has significance to you, and put the last two digits at the end (or beginning)*Nttwitwm*33 This becomes your modified base, each login will use a flavor of it, but be customized for that particular application.
  4. The last two characters are something about the login, so, for instance, email would add “EM”. Your main database could be DB, your CRM might be MM (Money Maker). You could put these letters at the beginning, end, or split them on either side. So, my password for my CRM might be *Nttwitwm*33MM.
  5. When time comes to change (every 90-120 days), just increment your numbers and change your symbols. Easy to remember, but complex. Different password for every login. Make up your own formula, using other memory clues that have meaning to you.
  6. Lastly, use some type of secure password manager to keep track. Keepass, Lastpass, and Dashlane are all good choices. Read the reviews and choose the one that fits best for you. By doing this, you’ll have a password that is better than 99% of the passwords out there, and you make yourself a hard target. No password is completely hack-proof, but by doing this you will dramatically reduce your risk.

For more information on how we can help with network security, contact us today.

Leave a Reply

Your email address will not be published. Required fields are marked *