Good password procedures imply that passwords be chosen with care and that they be secure and are changed constantly. Many sites have poor password practices and in many case the passwords have not been changed in years.
You need to balance ease of use with security. The password for you home computer may not require the same complexity as your Internet Banking Account
Criteria for Good Password Procedure
- At least 8 characters in length
- At least 1 number
- At least 1 special character
- Upper and lower-case characters.
Passwords to Be Avoided
When creating a password, don’t use personal information such as birthdays, children names, pet names or first and last names. Avoid using words or phrases that can be easily guessed. Please don’t use “password” or “123456“. These are the two most common passwords used. Hackers have compiled lists of the most common passwords. To get an idea of the most common poor passwords used, visit The Top 500 Worst Passwords
Good Password Practices
- Never share your password with ANYONE including your Administrators, Help Desk personnel or System Administrators. IT professionals at your job or Internet Service Provider (ISP) will not normally ask you for your password. If they do need it then you should give it to them in person and ensure you change it as soon as they are done with their task.
- Change your password often
- Be aware of your surrounding when you are typing your password. Watch for “shoulder Surfing” or people watching what you type as you are entering your password.
- If you use the web to access critical information (such as online banking, or medical information) ensure that the site uses some type of secured method of encryption. You will know this if the site’s URL begins with an “https.” SSL and Secure HTTP are sometimes indicated by a tiny lock in a corner of the page.
Techniques to Manage All of Your Passwords
It is best to memorise your passwords however if you have many passwords from work, home, online business ventures and the bank and you do not have a photographic memory, you may want to write them down and put it in your wallet. This simple and practical task is recommended by Senior Programmer for Security Policy at Microsoft, Jesper Johannson.