How to Create and Maintain Strong Passwords in your SMB

Paul Mah
Slide Show

Five Tips for Keeping Passwords Safe

Check out the key issues your users should always be aware of when it comes to password security.

 

Just last week, I wrote about a recent survey by Symantec that revealed how the majority of users simply don't change their passwords. This is not totally unexpected, I suppose, which was what culminated in me writing the post "Password Management: What Employees Should Know" earlier last month. My rationale is simple; as stakeholders in the computer security of their organizations, it is in the interest for employers to play a part to educate their staffers on password best practices.

 

Anyway, PC Tools saw my post and sent along some practical pointers specifically addressing the topic of how to create good, robust passwords, which I reproduce below.

 

  • Use the first letters of a sentence that you will remember, e.g. "I have 3 cats: Fluffy, Furry and Shaggy" gives: Ih3c:FF&S, or "Bouncing tigers have every right to ice-cream" becomes: Bther2I-C.
  • Take the name of the Web site and then add your personal twist, like your height or your friend's home address (e.g. "AmazonOceanRd6'2").
  • Avoid using your own contact details like your phone number or house number.
  • Remove the vowels from a word or phrase e.g. "I like eating pancakes" becomes "Ilktngpncks".
  • Use a phrase from your favorite book and then add the page, paragraph or chapter number.

 


Even more pertinent, perhaps, users who are determined to ensure that they are well-served by strong passwords would be happy to know that automated random password generator tools are readily available. In fact, PC Tools has an online tool to generate passwords that will create new passwords based on selectable criteria used to determine complexity.

 

I gave the online Secure Password Generator a spin, and what I liked about it is how it is possible to create between one to 50 passwords at a go. Of course, as pointed out by IT Business Edge reader Luke in the comments section of my passwords post, using password management tools is important if users are to break out of rotating between only two or three passwords.

 

Luke recommended a password management software called Sticky Password, which he says has helped his company eliminate the problem of forgotten passwords. I haven't had the chance to try it myself, though it seems to come with sophisticated features such as being able to assign a Bluetooth device or removable USB key as a mandatory access device to unlock the password database.

 

Feel free to share any additional tips you might have on creating and maintaining strong passwords here.



Add Comment      Leave a comment on this blog post
Apr 12, 2010 8:23 AM John Barnes John Barnes  says:

Personal password managers don't cut it for companies.

We use Secret Server http://www.thycotic.com

It lets us integrate permissions with Active Directory, even automatically change passwords on accounts, manage service accounts, etc.

Reply
May 2, 2011 3:15 AM spyware agency spyware agency  says:

It is good practice to set a password which you can remember but at the same time you need to know that it should not be too related to you, like date of birth, name and address. Using numbers and underscore etc will help.

Reply

Post a comment

 

 

 

 


(Maximum characters: 1200). You have 1200 characters left.

 

null
null

 

Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.