Dan Wons
This childhood joke popped into my head the other day as I was working on strengthening the password policy at work. Of course, everyone is afraid of 7 because 7 ate 9. It was suggested to me that we should increase the minimum length of our passwords from six characters to eight.
I had to ask if it really made that much difference. The answer was a resounding yes: as it turns out, a password becomes exponentially more difficult to hack as it gets longer. For example, even a simple all-lowercase 8-character password has 200 billion more possible combinations than a 6-character password. If you are wondering why your work or bank is asking you to use upper and lower case letters along with some numbers and special characters, it’s because there are over 7 quadrillion possible combinations for your password with those parameters.
It’s important to keep your password safe, secure, and difficult to guess. Your password is often the last line of defense in keeping your information safe. If someone knows your password, either by you sharing it or them hacking it, there is no stopping them from logging into systems as you and then doing whatever they want. The troubling thing about this is that their actions will look to the computer system as if you are the one performing them. They could clear out your bank account, order 200 lbs of cheese, send offensive emails to the CEO, etc. Think of how many website passwords you have: iTunes, Facebook, Twitter, newspapers, your bank account, health insurance websites, etc. Do you have the same password for all of them? Is it the same password you use at work or at home to log into your PC? Are all the sites that you input a password into secure? If you are using the same password across all sites, you are putting all of your personal information, as well as your reputation, on the line.
Here are some best practices for choosing secure passwords:
• Never write it down and/or leave it near your PC.
• Don’t use the same password across different sites.
• Don’t use personal information in your passwords (like children’s names or birthdays).
• Use a combination of upper and lower case alphanumeric characters.
• Use special characters, if allowed (!@#$%&, etc.).
• Change your password often; every 90-180 days is best practice.
• When changing passwords, don’t just add numbers to the end of the last password.
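The checklist above can be turned into an automated check at password-change time. The following is an added example, not code from the author: the function names, the sample passwords and the personal details are constructed, and the 8-character minimum is the one proposed in the post.

```python
import re
import string

MIN_LENGTH = 8  # the minimum proposed in the post (raised from six)

def keyspace(length, alphabet_size):
    """Number of possible passwords of exactly `length` characters."""
    return alphabet_size ** length

def _stem(password):
    """Password with any trailing digits removed, lower-cased."""
    return re.sub(r"\d+$", "", password).lower()

def check_password(candidate, previous=None, personal_info=()):
    """Return the checklist items the candidate fails (empty list = passes)."""
    problems = []
    if len(candidate) < MIN_LENGTH:
        problems.append("too short")
    if not any(c.islower() for c in candidate):
        problems.append("no lower case letter")
    if not any(c.isupper() for c in candidate):
        problems.append("no upper case letter")
    if not any(c.isdigit() for c in candidate):
        problems.append("no digit")
    if not any(c in string.punctuation for c in candidate):
        problems.append("no special character")
    # Personal information: compare case-insensitively and ignore separators,
    # so a birthday written 04/12/2010 still matches 04122010.
    squashed = re.sub(r"[^a-z0-9]", "", candidate.lower())
    for item in personal_info:
        token = re.sub(r"[^a-z0-9]", "", item.lower())
        if len(token) >= 3 and token in squashed:
            problems.append("contains personal information")
            break
    # Reuse: same stem as the last password, only the trailing number differs.
    if previous is not None and _stem(candidate) == _stem(previous):
        problems.append("only the trailing number changed")
    return problems

if __name__ == "__main__":
    family = ("Emma", "04/12/2010")  # constructed sample details
    print(keyspace(8, 26) - keyspace(6, 26))  # extra all-lowercase combinations
    print(check_password("Emma04122010", personal_info=family))
    print(check_password("Tr!ckyHorse8", previous="Tr!ckyHorse7"))
    print(check_password("v7#Lq9!mTz", "Tr!ckyHorse7", family))
```
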
I can tell you why I am afraid of 7… that’s how many websites I use 8-character passwords made up of my son’s birthday and daughter’s name… and I haven’t changed that password in over 9 years. Time for me to make some changes!
BTW, did anyone know that it’s National Cyber Security Month?