During a recent password audit at a company, it was found that a blond receptionist was using the following password:
When asked why she had such a long password, she said she was told that it had to be at least 8 characters long and include at least one capital.
Funny, huh? But seriously, that’s not a bad password! Throw in some random numbers and that would be a very secure one. Don’t make your passwords things like your dog’s name and your birthday or other things people can easily guess. And don’t make them standard dictionary words that brute force hackers can figure out by bombarding with lists of words.
Here’s some good tips from Lifehacker for safeguarding passwords:
- Passwords should be longer than six characters and include a mix of uppercase, lowercase, and special characters.
- Your password should never be a name, a slang word, or any word in the dictionary. It should never include part of your name or your email address.
- Use passphrases instead of passwords. Even if you’re limited on the number of characters you can use, turn a long phrase into a jumbled short one. “I like bread and butter, especially at breakfast time.” can become “Ilbab$eabt!”.
- Use a different password for every single site you access.
…If your password is compromised because of the stupidity of the people running the service you use, it doesn’t matter if you had an awesome password of enormous length and variety. If you use that awesome password on other services those services have now been compromised.
In all seriousness, I urge you to read the rest of the article, paying special attention to the additional links they include within it.