So what is good password security hygiene?
Its important to have good password security in order to stop the bad guys from logging in with your account, easy to guess and common word passwords can be cracked with many different brute force tactics. In my opinion the following attributes class as good password hygiene:
- No Dictionary words – these can be cracked very easily, even with numbers at the beginning or end.
- Use a strong complex password containing:
- Minimum of 9 characters (more like 15)
- Must contain numbers
- Must contain special character
- Must contain symbols
- Change your password periodically – with a large complex password I’m not so fussed about this. If I’m alerted to the fact I need to change my password it would indicate to me its potentially been compromised. Or unless I know it has been compromised then I will change it.
- Don’t use the same password for different services. eBay, PayPal and your email account should all have different passwords!
- Use two factor authentication where possible.
Alternatively, you could save yourself the headache and use a password manager. However does this then bring into question whether the ‘PASSWORD’ is now obsolete? I don’t have the answer to this question, however what I do know is that these days its my password manager that logs me in to services like eBay I don’t have a clue as to what most of my passwords are. They are all so complex and I have so many I wouldn’t be able to remember them if i tried. Is it time for a new authentication method?
What are your thoughts?
But what other authentication methods are there? I know there is talk about retina scanning, fingerprints etc. and these are great until they’re compromised and then we have no way to change them! Maybe public and private key sharing holds the answer – I would love to understand more about it – I’m just a techy newb 🙂