Password Best Practice
Password Best Practice
Passwords are like the keys to your home/car but at work, it is the digital key to highly sensitive data. So why use a weak or simple password to access highly sensitive data?
…like our keys to your car, home and office… so is the password to our sensitive data…
Choosing a secure password is critical to maintaining security. When choosing a password your primary objective is to make it difficult for anyone trying to guess or hack your password electronically. Passwords should contain at least 8 characters as a minimum, and should include at least one numeric and special character (e.g. punctuation marks).
Top Tips for creating Strong Passwords:
- Use upper and lowercase characters (A-Z & a-z)
- Use digits from 0-9
- Use special characters such to: %£$*?’@
Password Dos and Don’ts
- Use/create a strong password – Use special characters
- Change your password regularly (every 40 days for example)
- Create a password with a minimum of 8 characters
- Use different passwords for different systems, applications where a single sign-on solution is not in place
- Use a password safe if there’s one available
- Be careful of shoulder surfers watching your keystrokes to remember your passwords
- Do make it random – for example, combine different themes/genre into one password – a word from a song, a poem, holiday, a movie etc.
Basic password practices to keep your password and access to your data secure:
- Do not share your password with anyone…not even your manager
- Do not use passwords or combination of characters that are easy to guess
- Do not use your favourite pets name, animal, colour, child name, date of birth
- Do not write it down and or stick it to your computer screen
- Do not use ‘password’, 123456, abcdef… for your password
- Do not use your username or login as your password
- Do not use a word or phrase spelt backwards
- Do not repeat your passwords by changing, or adding another number or letter at the end
- Do not repeat any of you last series of passwords
- Do not use dates as a means of creating your password – i.e. September2011
- Do not use the same password for personal use for work
- Do not substitute letters for number – for example: password changed to: p055w0rd
- Do not use any of the examples given in this document as your password
- Do not use standard dictionary words
- Do not allow or tick the box or agree to any saving of your password in any forms you fill in online.
Examples of a weak password
- A blank password field, something that is easy to guess, the name of your pet, birthdays, favourite colours etc.
Examples of a strong password
- A password with a minimum of 8 characters containing one or more of the following: ?%1$*)#@]£ and
- A password containing upper and lower case and spaces
EXAMPLES OF PASSWORD BREACH IN THE PRESS
eBay Password breach: http://www.bbc.co.uk/news/technology-27503290
Very Good examples: http://www.pcworld.com/article/2089244/the-25-worst-passwords-of-2013-password-gets-dethroned.html
>>….. >> Here’s the full list of the worst passwords from 2013, according to Splashdata:
Any of those familiar?