Passwords are the Key
Tip: While you safeguard your passwords, ensure that your security questions are taken care of, too. Your account can be equally vulnerable if security questions are not carefully selected.
How to set a strong password:
As we live and work online more than ever, there are so many applications/websites that require sign up with a username and password, and remembering all of them is challenging.
The average person has at least 30 passwords for daily life, across personal accounts and for their work devices and systems.
Obviously, some of them are more important than others.
Following are a few different methods you can try to set strong passwords that you still have a chance of remembering without compromising them, for example, by writing them down!
Create a Passphrase
A passphrase is longer than a password and contains spaces or symbols in between words, for example:
The road to success is always under construction!
A passphrase can also contain symbols or special characters, upper and lower case and does not have to be a proper sentence.
The passphrase could be the whole sentence typed out in full as shown above (making a very long password) or you could take the characters from the phase to make you password, for example:
As before, at least 15 characters is the recommended minimum, so we have typed one of the words out in full.
- Passphrases are easier to remember
- They satisfy systems that require more complex passwords.
- All major operating systems including Windows, Linnux and Mac allow passphrases of up to 127 characters long, so you can opt for longer passphrases for maximum security.
- Passphrases are very difficult to crack, brute-force or pre-compute.
Tip: Ensure that the phrase you choose is NOT a well-known quote, line from a play or song or something that could be easily guessed by someone who knows you, it is best if you make up a rhyme of you own.
Longer is Stronger!
To save yourself from a brute force attack, it is always advisable to go longer when it comes to character length. There are hackers who claim to be able to crack any 8-character Windows passwords in minutes with programs which try hundreds of billions of guesses per second.
Mix it up!
Use a combination of upper case, lower case, symbols or special characters and numbers in your passwords.
The more complicated you make it, the harder it is to crack it using brute force.
However, avoid well known patterns like swapping certain letters for numbers or symbols such as:
a=@, c=3, s=5, 0=o, 1=i, etc.
If your system allows, try adding a space-bar character somewhere in the password.
Sets of Passwords
Try to create a set of resembling passwords for each purpose, for example:
Group 1 = Strongest password with second factor authentication.
- Your login to your parish, school or diocesan computer (securing corporate systems and confidential data).
Always ensure this is totally unique and never re-use this anywhere else.
Group 2 = Very strong password plus other authentication method (multi-factor authentication)
- Personal banking (access directly to my funds)
- Online shopping accounts (transactions are made with these)
- Payment services e.g., PayPal
These allow access to your personal finances so they should be unique although they could follow a pattern which helps you to remember them.
Group 3 = Simpler password
- Sites used just for browsing but you never make transactions or give any personal credentials including your personal email address.
- i.e., if group 3 accounts were compromised, you wouldn't lose anything
Use a password manager program
Most password managers can generate very complex, random and unique passwords for you to use when signing-up for accounts and services, or you can add your own passwords into the PM Program.
The password manager is a bit like a vault inside which you keep your precious jewels. You will usually have one long, very strong password to open the vault and then you can cut and paste or copy the complex passwords out of the safe into the system you are logging into. Yes, it might take a little longer every time you need to login to anything.
Tip: You must not, however, forget the master password that opens the "vault".