
CyberData Pros’ Guide to Password Best Practices

By CyberData Pros
May 15, 2024

Keeping your information safe online is more important now than it’s ever been. One of the best ways to do this is by following password best practices. But what does that mean? What makes a password strong? How can you make sure yours is up to par? Let's break it down in simple terms.


Have you ever wished you had a personal password assistant? That's where password managers come in. A password manager generates a long random password for every account, keeps them in an encrypted vault that opens with one master password, and fills them in for you, so you never have to memorize or reuse a password across sites. It also makes changing a password painless when a service reports a breach. Two things still depend on you: the master password must be long, unique, and never used anywhere else, and the vault should be protected with multi-factor authentication, because it is now the one key to everything. We recommend managers such as LastPass, 1Password, or Bitwarden.


Let's get a little bit more technical. Many don't think much about password best practices until they are working toward a certification. One of the most well known is ISO 27001. Think of it as a set of rules that help a company keep its digital doors locked. The standard itself does not dictate a character count; its Annex A controls require that you have a password management process that enforces quality passwords, and most organizations implementing it adopt a baseline of at least 8 characters with a mix of letters, numbers, and special characters (8 is also the minimum NIST SP 800-63B sets for user-chosen passwords). It's like adding extra locks to your door to keep the "bad guys" out. Stay away from passwords built from your name, birthday, or other facts an attacker can look up; that is a little like leaving your spare key under the welcome mat. Scheduled password changes are a different story. Forcing users to rotate passwords every 90 days tends to produce predictable variations (Summer2024 becomes Fall2024), and NIST now advises against mandatory periodic changes; change a password when there is evidence it was exposed. If you already use a password manager with a unique random password per site, frequent rotation buys you little; changing a password promptly after a breach notice buys you a lot.


So what does the National Institute of Standards and Technology (NIST) have to say about password best practices? Its guidance, NIST SP 800-63B, favors length over complexity: require a minimum of 8 characters, allow at least 64, accept any printable character including spaces, and do not impose composition rules ("must contain a digit and a symbol"), which mostly push people toward predictable patterns like a capital first letter and a trailing "1!". NIST also advises against predictable patterns and common words, such as the street you live on or names of family members, and it requires verifiers to check new passwords against a blocklist of commonly used, expected, and previously breached values (the service name and the user's own name count as "expected") so that the easiest targets are rejected before they are set. Passphrases are encouraged because a string of unrelated words is both easier to remember and longer than a typical complex password. Finally, NIST requires rate limiting on failed login attempts, so that after too many wrong guesses the account slows down or temporarily refuses further tries; it is like a door that stops accepting keys for a while after someone has jiggled the wrong one too many times.
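As an added example (not code from the original post or from NIST), here is what the verifier-side checks just described look like in Python: a normalized length check, a blocklist lookup that also covers context words like the username, rejection of trivial sequences, and a per-account throttle on failed attempts. The blocklist below is a constructed stand-in for a real breached-password corpus, and the throttle's limit and window are this example's own assumptions, not numbers taken from the standard.

```python
import time
import unicodedata
from collections import defaultdict

# Constructed sample blocklist. A real deployment would load millions of
# entries from a breached-password corpus; only the lookup logic matters here.
BLOCKLIST = {
    "password", "123456", "qwerty", "letmein", "welcome1",
    "iloveyou", "admin", "passw0rd", "summer2024",
}

MIN_LEN = 8   # NIST SP 800-63B minimum for user-chosen memorized secrets
MAX_LEN = 64  # NIST says verifiers SHOULD accept at least 64 characters


def normalize(secret: str) -> str:
    # NIST recommends Unicode NFKC normalization before comparing or
    # counting, so visually identical strings are treated the same.
    return unicodedata.normalize("NFKC", secret)


def is_sequential(s: str) -> bool:
    """True for runs like '12345678' or 'abcdefgh' (constant step of +1 or -1)."""
    if len(s) < 4:
        return False
    diffs = {ord(b) - ord(a) for a, b in zip(s, s[1:])}
    return diffs in ({1}, {-1})


def check_secret(secret: str, context_words=()) -> list:
    """Return the reasons a candidate password is rejected; [] means accepted.

    context_words are strings NIST expects on the blocklist for this user,
    e.g. the username or the service name.
    """
    s = normalize(secret)
    low = s.lower()
    reasons = []
    if len(s) < MIN_LEN:
        reasons.append(f"shorter than {MIN_LEN} characters")
    if len(s) > MAX_LEN:
        reasons.append(f"longer than {MAX_LEN} characters")
    if low in BLOCKLIST:
        reasons.append("appears in the common/breached password list")
    for w in context_words:
        if w and w.lower() in low:
            reasons.append(f"contains context-specific word {w!r}")
    if len(set(low)) == 1:
        reasons.append("repeats a single character")
    if is_sequential(low):
        reasons.append("is a simple sequence")
    return reasons


class FailureThrottle:
    """Per-account throttle on failed logins.

    NIST requires verifiers to limit failed attempts; the specific policy
    here (10 failures within 15 minutes) is this example's own choice.
    """

    def __init__(self, limit: int = 10, window_s: float = 900.0):
        self.limit = limit
        self.window_s = window_s
        self._failures = defaultdict(list)  # account -> timestamps of failures

    def allowed(self, account: str, now=None) -> bool:
        """Should a login attempt for this account be processed right now?"""
        now = time.monotonic() if now is None else now
        recent = [t for t in self._failures[account] if now - t < self.window_s]
        self._failures[account] = recent  # drop entries outside the window
        return len(recent) < self.limit

    def record_failure(self, account: str, now=None) -> None:
        now = time.monotonic() if now is None else now
        self._failures[account].append(now)

    def record_success(self, account: str) -> None:
        # A successful login clears the failure history for that account.
        self._failures.pop(account, None)


if __name__ == "__main__":
    for candidate in ["Password", "12345678", "alice-2024-pw", "correct horse battery staple"]:
        print(f"{candidate!r}: {check_secret(candidate, context_words=('alice',)) or 'accepted'}")
```

Note that the throttle is keyed per account, which is what stops online guessing against one victim; an attacker spraying one common password across many accounts is caught by the blocklist instead, since that password can never be set in the first place.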


Remember these four rules to keep your passwords safe:

  1. Be Creative: Don't use obvious stuff like your pet's name, your favorite movie, or anything visible on your social media. Attackers' guess lists start with exactly that material.
  2. Stay Random: Let your password manager generate it. If you must make one yourself, string together several unrelated words, not one dictionary word with a predictable swap like "a" to "@". It's like creating your own secret code!
  3. Add Some Spice: Special characters like !@#$%^&* do enlarge the search space when they are scattered at random, but a single "!" tacked onto the end is the first thing cracking tools try, so never rely on them in place of length.
  4. Go Long: The longer, the better! Aim for at least 12 characters for a password you have to type, and let generated passwords run to 16 or more; every added character multiplies the work an attacker has to do.


Making strong passwords is a major part of keeping your personal information safe online. Tools like LastPass, 1Password, or Bitwarden can generate and store a unique strong password for every account, so you never have to reuse one. Standards such as ISO 27001 expect passwords that are hard to guess, and current guidance is to change them when there is reason to believe they were exposed rather than on a fixed schedule. NIST adds that length matters more than complexity, that obvious patterns and known-breached passwords should be rejected, and that phrases of unrelated words beat single words. Following these practices, and being creative instead of predictable, is what keeps the bad guys out of your accounts.