One of the most important aspects of an IT security professional is being able to not only have a strong password, but also teach others in your company to follow this same password-making process as well.
You are only as strong as your weakest link, and we all know that most cyber-attacks start from human error. The dos and don’ts of making a secure password may seem tedious at first, but in the long run it’s the best option to stay protected.
First step, we will get rid of idiom “passwords” because now we will be creating “passphrases”. You don’t want to just use one or two words as the main part of your passphrase.
“She had them apple bottom jeans, boots with the fur”
You will now want to take the first or last letter from each word and cram them together, this will be the base of your passphrase:
“shtabjbwtf”
Next, you want to make a few of the letters capital:
“ShTaBjBwTf”
Try to have at least two letters capitalised. Now take your phrase and add a number or special character on the beginning/end of the phrase.
“7ShTaBjBwTf@”
The last step is to make sure it is 14 characters long or more. My example has only 12 so I would want to go back and add 2 more characters to the phrase:
“67ShTaBjBwTf@!”
There you have it – simple as that. Now you have a password that meets the length criteria and is well out of the scope of any dictionary attack. You will also have an easy time remembering this one because the base phrase is something that you have memorised anyway (a song or phrase). The idea is to find something that is easy for you, and only you, to remember for your base phrase, then the rest will fall into place after a few times using the password.
Creating a strong passphrase is very important, but never write down your phrases. It doesn’t matter if they are in a safe. Creating a super-secure password will do you no good if it can’t be memorised. Now let’s say that you have a lot of accounts with different passwords, you can solve this by getting a password locker. It is a tool that holds all of your passwords on your computer, with one master password to unlock the others.
This way you only have to memorise one secure password. Congrats! You can now train passphrase creation. Take what you have learned and spread this knowledge throughout your company. The employees are the first line of defense and need to be well prepared for it.
How much do you know about Internet security? Try our quiz!
Targetting AWS, Microsoft? British competition regulator soon to announce “behavioural” remedies for cloud sector
Move to Elon Musk rival. Former senior executive at X joins Sam Altman's venture formerly…
Bitcoin price rises towards $100,000, amid investor optimism of friendlier US regulatory landscape under Donald…
Judge Kaplan praises former FTX CTO Gary Wang for his co-operation against Sam Bankman-Fried during…
Explore the future of work with the Silicon In Focus Podcast. Discover how AI is…
Executive hits out at the DoJ's “staggering proposal” to force Google to sell off its…
View Comments
I disagree. There is nothing wrong with copying your passwords to somewhere safe. Random character passwords of whatever length you wish can be created with /dev/urandom. I copy mine to two places, one being a secure USB flash drive. The only time the laptop and flash drive ever come together is when I need a password.