You sit down at your desk to begin another day and then the dreaded message window pops up on your company computer.
“It’s time to change your password.”
That’s when those familiar thoughts go through your mind: What word can I use this time? Should I put a number before or after? Maybe in-between? Is substituting an “@” for an “a” too obvious?
As it turns out, we might not have to sort through these thoughts anymore.
$0undS Cr@zY, rIGHT?
In a video produced by the National Institute of Standards and Technology (NIST), they have revised their suggestions for password creation. Here are their tips:
Don’t rely on passwords alone to protect anything you value
This one seems fairly obvious but it’s still important to remember. The NIST cites a statistic claiming 81% of hacking related breaches leveraged either stolen or weak passwords. Be sure to find other methods of security to protect your information. Like, for instance…
Turn on multi-factor authentication whenever possible
Many people use their cell phones for just about everything. Why not use it as a way to keep your information safe? You can link a cell phone number to an account, requiring that a person needs to correctly input both the password AND a verification code received via a text message. Think of it as another layer of security.
Use a phrase with multiple words that you can picture in your head making it difficult to guess but easy to remember
The days of symbols like @, %, $, and * are now gone. Simple phrases are now the preferred method for passwords. For instance, if we were to make a password out of our company letters DGC, we could pick something like, “donut giant cranky7.”
Give each account a unique passphrase, especially high-value accounts like your banking and primary email accounts
It’s never a good idea to use one password across multiple accounts. With these new password guidelines, it might be easier for you to have multiple password phrases.
For more information about password safety or other Information Technology-related issues, contact DGC’s Director of IT Tammy Yu at 781-937-5317 / firstname.lastname@example.org or DGC’s IT Manager Michael Lord at 781-937-5335 / email@example.com.