Five recommendations for password protection

Passwords

May the fourth be with you! Today is 4 May, also known World Password Day. How do you record your passwords? Do you save them in your computer browser’s history or in sticky notes on your computer? Have you considered using a program to help you manage these?

Personally, we have over 500 passwords to manage, let along the number we manage on behalf of our clients for their servers, computers and websites. We strongly suggest a good password policy is put in place in all organisations and provide the following recommendations:

  1. Set strong passwords and use different passwords for different accounts. If this is too difficult, use different passwords for different groups of services. We don’t believe it is practical to have different passwords for every account you may have (unless it is financial or business critical)
  2. Change your passwords regularly, at every three months. Some services require you to change your password more or less often, however the more often you change your password the less chance of it getting into the wrong hands!
  3. Select ‘no’ when the computer offers to automatically remember your password. These can be accessed by password viewer that can scan and access passwords saved in your computer’s memory.
  4. Make the password complicated and not a word that can be found in the dictionary or easily guessed. Depending the service you are setting it for, the password may require more complicated, but at least choose a password that contains:
    • At least eight characters
    • Upper and lowercase letters
    • At least one number and symbol
      You can make a sentence and use the first letter of each word changing some of the letters to symbols and other characters. For example, “The Brisbane Broncos will win in 2017!” becomes TBBwwi2017!.
  5. Use a password-protected document or spreadsheet, or a program such as 1Password, LastPass or KeePass. If you have a list of passwords on your computer make sure you encrypt it. If you do decide to keep a printed copy or a password somewhere, this should be kept securely in a safe place.

As the number of devices in own possession grows and number of websites increases, so will the need to effectively manage our passwords. We trust these tips help you manage your passwords. If we can be of any assistance, please feel free to contact us for further advice.