May the 5th is World Password Day and we have a great opportunity to talk to staff and management about passwords, or just think about how we choose and manage your own.
We frequently use the same device for work and home and the risks of an insecure password can be exponentially increased by password duplication across systems, apps or platforms and especially between work and home.
CESG has issued guidance suggesting that password changing is not a guarantee of good security and that constantly changing them should not be a matter of course. So the two schools of thought broadly are, long complex passwords that are changed very regularly or long or complex passwords that are kept unless incident necessitates their change or the user has met an agreed time period at which point they are happy to change.
OK so if we think carefully then, and take CESG advice, we would choose a robust password, that is non-dictionary and hold on to it for longer, rather than a less complex one that we might put at risk by writing it down somewhere because we can’t remember it, having had to change it so regularly.
While we’re talking bad passwords, here is a list of 2015’s worst passwords, some of these have not changed for years…
You can create a strong password in a variety of ways, remember you need to make it user friendly too (this is where we see the mistakes above frequently made) so here is a method you could try.
- Take a film, song, lyric or other memorable phrase that you can easily recall.
- Use the first and last letters of each main word
- take those first and last letters and then insert numbers and symbols to suit but not in a way that suggests a dictionary word
Now all you need to recall is where you put the symbols or numbers.
Happy World Password Day!
- Posted by Advent IM
- On 5th May 2016
- 0 Comments