Lock the Doors: 3 Keys to Superior Password Management

One of the most overlooked aspects of security lies in password management and selection.  Since it is really the first line of defense, password management plays a major role in the overall security of your organization.  In this article, we will discuss some of the downfalls of password management both on a personal and enterprise level.   If you and each team member in your organization can follow these 3 very simple keys, you can be sure that you are doing all you can to protect your sensitive and personal information.

3. Don’t Take It Personally

Many people try to select passwords that remind them of something in their lives.  Children’s or spouse’s names are popular, as are birthdates and anniversaries.  Now let’s discuss why this is not such a good idea.  Social media outlets make it incredibly simple for potential hackers to view a number of data points about your life, such as the ones mentioned above.

Password Management Solution

Keep your passwords out of your personal life.  Be sure that your password does not involve any personal information or dates, as they may be easily uncovered through other outlets.  Below is a list of personally identifiable information commonly used in passwords:

  • User Name
  • Pet’s Names
  • Children’s Names
  • Spouse’s Names
  • Birthdays / Anniversary Dates
  • Alma Mater
  • Hobbies

2. Size Matters

As the world becomes more complicated and hacking methodology becomes more sophisticated, it is important to take the size of your password into account.  There are two basic methods used to hack a password, whether physically or remotely:

  • The Dictionary Method – This method runs an algorithm that tries each word in the dictionary.  If your password is one of those words, consider yourself hacked.
  • The Brute Force Method – This method cycles through every possible password combination until the correct combination is found.  NOTE: Though incredibly time consuming, this method is still used and is still very successful today.  Increased computing power continues to decrease the amount of time required to do this.

Assuming that you have not used a term found in the dictionary, the size of your password becomes paramount in protecting your information.  A brute force attack keeps searching until the correct combination is found.  For example, if your password is 8 characters, then there are 1,969,738,028,800 possible combinations.  With almost 2 trillion combinations, you may be able to deter the attack based on the sheer size of your password.  The time needed to find the correct combination may deter the impatient hacker, while creating a “time vortex” for the patient hackers.

Password Management Solution

Choose passwords that are not found in the dictionary (if you do use dictionary words, partner them with our #1 key), and choose passwords long enough to deter brute force attacks.  We also suggest making your password at least 8 characters.

1. Diversify

One of the most common mistakes is the lack of numeric and secondary or “special” characters.  By diversifying your password you will make it harder to crack and more difficult to breach.  A number of people use passwords such as “Michigan” or “Wolverines”, for example.  If a social engineer knows that you are a die-hard Michigan Wolverines fan, this may be the first place they start when trying to crack your password.  Simply placing special characters and numbers behind the word makes the password much harder to identify.

Password Management Solution

Diversifying your password means including not only numeric characters but also secondary or “special” characters such as “$” or “!” or “@”.  A combination of symbols and numbers can complicate the life of a hacker significantly while providing greater safety and security for your information.

Password Management Review

Password Management Best Practices:

  • Use combinations of letters, numbers and symbols to create a stronger password
  • Make sure to change your password regularly and sporadically to deter hackers
  • Remember that the longer your password is, the harder it will be to compromise
  • Don’t use words that are easily related to your life, family, or interests
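
The three keys above can be turned into a screening check that runs when a password is set. The following is an added example, not part of the original article; the function names, the finding labels, the sample word list and the personal items passed in are assumptions made for illustration.

```python
import string

# Constructed sample word list (assumption); a real check would load a full
# dictionary or breached-password list.
SAMPLE_DICTIONARY = {"michigan", "wolverines", "password", "welcome", "dragon"}
MIN_LENGTH = 8  # minimum length suggested in the article

CLASSES = {
    "lowercase": string.ascii_lowercase,
    "uppercase": string.ascii_uppercase,
    "digit": string.digits,
    "symbol": string.punctuation,
}

def classes_used(password):
    """Names of the character classes that appear in the password."""
    return [name for name, chars in CLASSES.items()
            if any(c in chars for c in password)]

def keyspace(password):
    """Brute-force search space: (size of the alphabet in use) ** length."""
    alphabet = sum(len(CLASSES[name]) for name in classes_used(password))
    return alphabet ** len(password)

def _normalize(text):
    """Lowercase and drop everything except letters and digits."""
    return "".join(c for c in text.lower() if c.isalnum())

def check_password(password, personal_items=()):
    """Return a list of findings; an empty list means all three keys are met."""
    findings = []
    flat = _normalize(password)
    # Key 3: no personal information (names, dates, alma mater, hobbies).
    for item in personal_items:
        token = _normalize(item)
        if len(token) >= 3 and token in flat:
            findings.append(f"personal:{item}")
    # Key 2: long enough, and not a plain dictionary word.
    if len(password) < MIN_LENGTH:
        findings.append("too_short")
    if password.lower() in SAMPLE_DICTIONARY:
        findings.append("dictionary_word")
    # Key 1: letters plus digits plus symbols.
    used = classes_used(password)
    if "digit" not in used:
        findings.append("no_digit")
    if "symbol" not in used:
        findings.append("no_symbol")
    if "lowercase" not in used and "uppercase" not in used:
        findings.append("no_letter")
    return findings
```

`keyspace` shows why diversity and length compound: each extra character class enlarges the alphabet, and each extra character multiplies the search space by that alphabet size again.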

If you would like to learn more about how to protect your passwords and other methods for protecting your organization’s sensitive information, please CONTACT US for more information.
