Security: Secure Passwords and Usernames
The Importance of Secure Passwords
The importance of having secure passwords cannot be emphasized enough. Rather than having to lock the barn door after the horse is gone, set up a nice tight fitting door now, starting with how you choose your passwords. That’s right, the word is plural. For every application that requires a password, for your peace of mind, you must choose a different one.
Right from the outset, it’s a good idea to ensure that each of your passwords is secure.
N.B. Never, under any circumstances, tell anyone else your passwords. Nor should you ever recycle other passwords.
In their article How Secure is my Password, microsoft.com suggests that your password be “at least eight (8) [characters] long”, to “include a combination of at least three (3) upper and/or lowercase letters, punctuation, symbols, and numerals”, and to never use “the same password for everything”.
It is essential that every one of your online passwords is secure. Here is an example of how to create a secure password: 2or3nos+CaPs+sp5llimgErrOrs
John Zorabedian (Naked Security) posted a very handy set of tips in his frighteningly revealing article “These are the 25 worst passwords of 2015 – did yours make the list?”
Tips for creating more secure passwords
1. Make your passwords hard to guess.
Avoid using things like your name, birthday, pet’s name, etc., that would be easy for another person to figure out. And don’t use those easy-to-guess words/numbers with trivial modifications, such as changing “a” to “@” and so on.
2. Make them as long and complex as you can.
Use at least 14 characters, mixing letters, numbers and special characters in hard-to-guess patterns. Another popular method is to combine several unrelated words or phrases […]
3. Consider using a password manager.
Password managers can generate long, complex and random passwords, and remember them for you. Just make sure to create a really strong password for the password manager itself […]
4. One account, one password.
Criminals who get a hold of one of your passwords will try it out on multiple accounts. Don’t reuse passwords – each of your accounts should have a unique password.
-John Zorabedian, Naked Security, These are the 25 worst passwords of 2015 – did yours make the list?, 16 January 2016
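As an added example (not part of the quoted article or of this page's original text), here is a small Python check for tips 1, 2 and 4 above: length and character mix, personal terms hidden behind look-alike substitutions, and reuse across accounts. The substitution table, the function names and the sample values are constructed for illustration.

```python
import string

# Look-alike substitutions to undo before comparing. Constructed list:
# tip 1 names only "a" -> "@"; the others are common variants of the same trick.
LEET = str.maketrans({"@": "a", "4": "a", "0": "o", "1": "l", "!": "i",
                      "3": "e", "$": "s", "5": "s", "7": "t"})
MIN_LENGTH = 14  # tip 2: "Use at least 14 characters"


def normalize(text):
    """Lowercase and undo look-alike substitutions so 'M@rtha' reads 'martha'."""
    return text.lower().translate(LEET)


def check_password(password, personal_terms):
    """Return a list of problems found in one password (empty list = passes)."""
    problems = []
    if len(password) < MIN_LENGTH:
        problems.append("shorter than %d characters" % MIN_LENGTH)
    classes = [
        any(c.isalpha() for c in password),
        any(c.isdigit() for c in password),
        any(c in string.punctuation for c in password),
    ]
    if not all(classes):
        problems.append("does not mix letters, numbers and special characters")
    flat = normalize(password)
    for term in personal_terms:
        # Normalize both sides so digits in a term (a birth year) still match.
        if len(term) >= 3 and normalize(term) in flat:
            problems.append("contains personal term %r" % term)
    return problems


def find_reuse(accounts):
    """Map each password used on more than one account to those account names."""
    seen = {}
    for account, password in accounts.items():
        seen.setdefault(password, []).append(account)
    return {pw: names for pw, names in seen.items() if len(names) > 1}


if __name__ == "__main__":
    # Constructed sample values, not real credentials.
    print(check_password("M@rtha1985", ["Martha", "1985"]))
    print(find_reuse({"bank": "M@rtha1985", "mail": "M@rtha1985", "blog": "x"}))
```

Run it only on a machine you trust, since it handles the passwords in clear text.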
The Importance of Secure Usernames
In various programs, you may be prompted to enter your username, with an example already entered. For instance, you may see “Admin”. Immediately change this!
For your security, you should NEVER use the username “Admin”, “Administrator”, your website name, your website username, or your own name.
Your passwords and/or account information should never be stored in a public cloud, or in a Google Doc, or on your smartphone.
When a program (such as Firefox or Chrome) asks if you would like to save your password, choose “no”. This helps you to a.) remember your password and b.) foil a bot that has hacked into your Firefox.
In fact, you should make it a policy to never store your passwords on any machine that can be accessed remotely. Write them down on a piece of paper BUT encrypt what you are writing.
For example, if your password was “Yest6RDay” you might write down “NotTomORR0w” with a little note that would tell you that the first letter and the 3rd and 4th last are uppercase and that the second vowel is replaced with a “6”. Keep the piece of paper somewhere that isn’t prominent or directly beside your keyboard….
Convoluted and alarmist? Maybe. But wouldn’t you rather that, than discovering that your website AND bank accounts have been wiped out?
For more about secure passwords, please see the following:
These are the 25 worst passwords of 2015 – did yours make the list?
Do you find passwords too darn hard? Then poetry’s your hidden card!
How to remember all your passwords and keep them safe
How to Create a Strong Password (and Remember It)
How Secure is my Password