One of the most important aspects of an IT security professional is being able to not only have a strong password, but also teach others in your company to follow this same password-making process as well.
You are only as strong as your weakest link, and we all know that most cyber-attacks start from human error. The dos and don’ts of making a secure password may seem tedious at first, but in the long run it’s the best option to stay protected.
First step, we will get rid of idiom “passwords” because now we will be creating “passphrases”. You don’t want to just use one or two words as the main part of your passphrase.
“She had them apple bottom jeans, boots with the fur”
You will now want to take the first or last letter from each word and cram them together, this will be the base of your passphrase:
“shtabjbwtf”
Next, you want to make a few of the letters capital:
“ShTaBjBwTf”
Try to have at least two letters capitalised. Now take your phrase and add a number or special character on the beginning/end of the phrase.
“7ShTaBjBwTf@”
The last step is to make sure it is 14 characters long or more. My example has only 12 so I would want to go back and add 2 more characters to the phrase:
“67ShTaBjBwTf@!”
There you have it – simple as that. Now you have a password that meets the length criteria and is well out of the scope of any dictionary attack. You will also have an easy time remembering this one because the base phrase is something that you have memorised anyway (a song or phrase). The idea is to find something that is easy for you, and only you, to remember for your base phrase, then the rest will fall into place after a few times using the password.
Creating a strong passphrase is very important, but never write down your phrases. It doesn’t matter if they are in a safe. Creating a super-secure password will do you no good if it can’t be memorised. Now let’s say that you have a lot of accounts with different passwords, you can solve this by getting a password locker. It is a tool that holds all of your passwords on your computer, with one master password to unlock the others.
This way you only have to memorise one secure password. Congrats! You can now train passphrase creation. Take what you have learned and spread this knowledge throughout your company. The employees are the first line of defense and need to be well prepared for it.
How much do you know about Internet security? Try our quiz!
Suspended prison sentence for Craig Wright for “flagrant breach” of court order, after his false…
Cash-strapped south American country agrees to sell or discontinue its national Bitcoin wallet after signing…
Google's change will allow advertisers to track customers' digital “fingerprints”, but UK data protection watchdog…
Welcome to Silicon In Focus Podcast: Tech in 2025! Join Steven Webb, UK Chief Technology…
European Commission publishes preliminary instructions to Apple on how to open up iOS to rivals,…
San Francisco jury finds Nima Momeni guilty of second-degree murder of Cash App founder Bob…
View Comments
I disagree. There is nothing wrong with copying your passwords to somewhere safe. Random character passwords of whatever length you wish can be created with /dev/urandom. I copy mine to two places, one being a secure USB flash drive. The only time the laptop and flash drive ever come together is when I need a password.