Passwords are important. Think of them like the keys to the 'locks' on your digital accounts. Having strong, secure passwords is critical.
Think of it this way, if you had to hide your house keys every day when you leave for work, would you hide them in the easiest, most convenient spot so that you can get back into the house as quickly as possible when you get home? Just leave the keys in the door maybe? Would you leave your car keys in the ignition with the doors unlocked? It would certainly save you some time. No more looking for your keys or messing with that pesky process of unlocking the door.
No one would be shocked if a car was stolen and you later found out that the doors were unlocked and the keys were in the ignition. So why are we surprised when our data and personal information is stolen when we’ve basically handed over the keys to our virtual “home”.
Creating strong passwords is the best way to “hide the keys” from criminals. In this week’s White Board Wednesday video, Dillon takes us through some best practices for creating and saving passwords.
Password Do's & Don'ts with Dillon
- Don't use all uppercase or lowercase characters in your passwords.
- Avoid repeating characters in your password ("123ABC123")
Both of these things make it incredibly easy for a computer or a hacker to guess your passwords.
- Don't copy or reuse your passwords on more than one website.
A lot of times when a website gets compromised, the attacker will post these passwords online. They will also try to use your password to try and guess your other passwords and to access your social media or bank account.
- Don't check the "Remember My Password" button.
This saves your password on the computer (in your browser), so if your computer ever gets compromised, the attacker will have all of your passwords.
- Try not to make passwords that reference personal information such as pet names or family members' names.
This makes it much easier for an attacker to look at your Facebook and guess all your passwords.
Here's an example of a terrible password:
This password has no complexity, it's very short, and it's all uppercase letters. Another bad password would be something easy to guess, like the word 'password' or 'Huskers' (our Lincoln roots are showing!).
Better passwords contain:
- 8 or more characters
- uppercase AND lowercase letters
- numbers and symbols
- Do use a password generator if you can't think of a strong password
- Do use a credential management tool (password manager)
These will store all of your randomly generated passwords so you only need to remember one long, complex password to get access to your other passwords.
Dillon's breakdown of a strong password:
This password has symbols, uppercase and lowercase letters, and numbers. While they seem random, they are easy for the user (in this case, Dillon) to remember because they reference lyrics from a song:
i'm just a poor boy from a poor Family
Additionally, the numbers created a memorable pattern on the keyboard.
It's hard for an attacker to guess this type of password, yet still easy for Dillon to remember it. Hopefully his password tips and method of creating passwords can be helpful to you.