Password Guidelines

Description

Passwords.  Everyone has at least a few to keep track of, and probably more than that.  Unfortunately, in an ever-more digital world, that is a fact that is unlikely to change.  

We all know that passwords are a security measure, but what does that really mean?  Think of the thing being protected as something of great value to you (if you don’t already).  Maybe it’s your brand-new sports car or that home where you like to stay safe. Your passwords are the keys to all of those things.  That should make them equally important to you.  In our interconnected modern world, data, especially data that identifies a person or allows access to accounts, is among the most valuable and most easily compromised items around.

Here are some guidelines for your passwords:

DO NOT SHARE THEM CARELESSLY

  • Do not write them on a sticky note posted near where they will be used, or on anything that could be lost or taken by a passer-by.

  • Do not put them underneath your keyboard.  That’s one of the first places someone looking to get into your password-protected items will look!

  • DO choose a password vault of some kind to store them in, whether physical or software.  Be sure to lock it, and update it every time a password is changed.  A good software vault is Bitwarden.  If you choose to use a software vault, make sure you record its password in a safe place.

CHANGING PASSWORDS (Only change them when there is a reason)

  • If it is a shared password, and one or more people who legitimately had access to it no longer should, it’s probably time to change your password, unless you prefer leaving the pathway to your valuable item(s) essentially wide open.

  • If you have had the same password for a long time, it is probably time to change it. Unchanged passwords are just asking for someone with nothing better to do to crack them.

    • If no one else has access to the password, or to what it protects, there’s little need to change it.  For example, a password vault that isn’t shared with anyone.

CREATE SECURE PASSWORDS

Tips:

  • Make sure your passwords are complex. Your passwords should contain at least sixteen characters and use a combination of uppercase and lowercase letters, numbers, and special characters.

  • Use passphrases. Instead of just containing a single word, passphrases contain a phrase or sentence. If you use a passphrase, choose a unique phrase that you can remember, such as Pa$$wordSafety1sC0ol. Don’t choose a phrase that cybercriminals may be able to guess, such as a quote from your favorite movie.

  • Use a password generator. Password generators such as LastPass and 1Password can automatically create strong passwords for you.

  • Make sure all of your passwords are unique.

Passwords should not

  • Be variations of your old passwords

  • Be the same as your login name

  • Be an easily guessed consecutive string such as 12345 or ABCDE, or even 1234abcd

  • Be your SSN or some other important ID number

  • Be your name, or those of your family, or pets

  • Be an address, though that might otherwise be a reasonably secure password. 

    • E.g. 123_My_House!  ← While this fits all the “shoulds”, it is a bad idea!
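
An added example (not part of the original page): a small Python checker for the "should" and "should not" lists above. The run length of 4, the letters-only comparison against old passwords, the function names and the sample passwords are assumptions made for illustration.

```python
import re

MIN_LENGTH = 16   # from the page: "at least sixteen characters"
RUN_LENGTH = 4    # assumption: 4+ ascending characters (1234, abcd) counts as a run
CLASSES = {       # the four character types the page asks for
    "uppercase letter": r"[A-Z]",
    "lowercase letter": r"[a-z]",
    "number": r"[0-9]",
    "special character": r"[^A-Za-z0-9]",
}


def has_consecutive_run(password, run=RUN_LENGTH):
    """True if `run` or more letters/digits in a row each step up by one."""
    streak = 1
    for prev, cur in zip(password, password[1:]):
        stepped = prev.isalnum() and cur.isalnum() and ord(cur) - ord(prev) == 1
        streak = streak + 1 if stepped else 1
        if streak >= run:
            return True
    return False


def letters_only(text):
    """Lowercased letters of `text`; digits and symbols are dropped."""
    return re.sub(r"[^a-z]", "", text.lower())


def check_password(password, login_name="", personal_terms=(), old_passwords=()):
    """Return the guideline violations found; an empty list means none."""
    problems = []
    if len(password) < MIN_LENGTH:
        problems.append("shorter than 16 characters")
    for name, pattern in CLASSES.items():
        if not re.search(pattern, password):
            problems.append(f"missing {name}")
    if login_name and password.lower() == login_name.lower():
        problems.append("same as login name")
    if has_consecutive_run(password):
        problems.append("contains a consecutive string")
    for term in personal_terms:  # names, pets, address, ID numbers
        if term and term.lower() in password.lower():
            problems.append(f"contains personal term {term!r}")
    core = letters_only(password)  # assumption: same letters = a variation
    if core and any(core == letters_only(old) for old in old_passwords):
        problems.append("variation of an old password")
    return problems


if __name__ == "__main__":
    # Constructed samples; "1234abcd" is the page's own bad example.
    for sample in ("1234abcd", "Velvet!Orchard7Compass"):
        print(sample, "->", check_password(sample) or "no violations found")
```

A password built from an address can pass every composition rule; it is flagged only when the address is supplied in personal_terms.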
