Previous Tips have warned of the use of easily-guessed passwords, and have provided suggested methods to strengthen them, including use of:
- different passwords for different sites and applications
- special characters (e.g., "@", "#", "&")
- irregular caPitaliZatiOn
- a looooooooooooooonger word
The typical eight character minimum is no longer suggested or best practice, as they are easily cracked by a "brute force" attack. Using at least twelve, and perhaps fourteen, characters, is much preferable. Also, stay away from dictionary words which are more easily cracked. The problem, of course, is that the longer and odder the password, the more likely it will be forgotten. One method to address this is by using a password manager or locker such as LastPass, Password Safe, SplashID or Norton Identity Safe, which requires you to memorize only one complex password.
One of the most commonly-recommended, and effective, password suggestions is to pick a phrase that only you would know and only you would remember, then convert it to letters, numbers and symbols, such as 2BontBtit?WS (To be or not to be that is the question William Shakespeare). Or better yet, the use the phrase backwards.
Hackers are smart, persistent, and dedicated, but no match for conscientious users.
Check out our series, Privacy Perils, to learn what steps you can take to guard your personal and company data. For more information about this topic and other cyber security concerns, please contact Bob Brewer, Tony McFarland, Elizabeth Warren or a member of our Privacy & Data Security team.