Tip of the Week: Taking Your Password Practices to the Next Level

Passwords… can be annoying, if we’re being honest. They are, however, also incredibly important to your business’ overall security strategy. We’ve all heard the suggestions on how to create secure passwords. As it turns out, there is more to modern security than that. Let’s explore a few options to help you create useful passwords, and take a look at why passwords are only the beginning.

Don’t Neglect the Tried and True Rules

While we want a password to be easy to remember, we also don’t want it to be easy to guess. This is why we can’t help but shake our heads at the top-15 results of an analysis of data collected from the security website Have I Been Pwned:

  1. 123456 
  2. 123456789 
  3. qwerty 
  4. password
  5. 1111111 
  6. 12345678 
  7. abc123 
  8. 1234567 
  9.  Password1
  10. 12345 
  11. 1234567890
  12. 1123123 
  13. 000000 
  14. Iloveyou
  15. 1234 

Many of these passwords clearly break some of the cardinal rules of password security, such as including a mix of character types, making the password sufficiently long, and avoiding obvious words, like “qwerty” or “password.”

What’s worse, it is probably a safe bet that many of the owners of these passwords had a tendency to recycle them across their accounts, putting more of their accounts at risk. None of this is a good thing for security, of course. 

You definitely should not be using the same password to get into different accounts. The reason is pretty easy to explain: if that password were to be compromised for one account, every other account that shares it would be compromised as well.

A Proven Means of Securing Your Accounts

There are several different ideas about how to do this. One means is to use a passphrase - a series of random words, rather than characters, that is both significantly more secure than most passwords and is easier for a user to remember.

However, as is so often the case, you can start to encounter difficulties once the human element is introduced. We, as a species, tend to gravitate towards patterns, so we have difficulty creating a truly random series of words on our own.

To counter this, an IT professional named Arnold Reinhold developed Diceware, a reliable means of generating a passphrase for yourself.

Referencing the Diceware word list, roll five dice (or one die, five times) and find the word that corresponds to the values you rolled. Repeat this process until you have a total of six or seven words, and you’ve got your passphrase.

Why the dice? Simple - it makes it much more random, even than a user “randomly” selecting words from the list of potential words to include.

A Demonstration

Let’s say we were to use this method now, and rolled the following number sets:

      • 21633
      • 16521
      • 31336
      • 13263
      • 52452
      • 33535

Referencing the word list, this gives us the following words...

      • Criss
      • Choke
      • Gluing
      • Bambi
      • Rust
      • Ice

...and, as a result, our passphrase.
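The procedure and demonstration above can be reproduced in code; the following is an added example, not code from the original post or from the Diceware project. The embedded list is a constructed excerpt containing only the six roll/word pairs shown above, the function names are illustrative, and the entropy calculation goes beyond the post: it assumes an attacker who knows the word list and the method, so each word is one of 6^5 = 7,776 equally likely choices.

```python
import math
import secrets

DICE_PER_WORD = 5                   # the procedure above: five dice per word
LIST_SIZE = 6 ** DICE_PER_WORD      # 7776 possible roll keys

# Constructed excerpt in "<roll><TAB><word>" form, holding only the six
# roll/word pairs from the demonstration. A real run needs the full list.
SAMPLE_LIST = """\
21633\tCriss
16521\tChoke
31336\tGluing
13263\tBambi
52452\tRust
33535\tIce
"""

def parse_wordlist(text):
    """Parse '<roll> <word>' lines, rejecting malformed or duplicate keys."""
    words = {}
    for line in text.splitlines():
        if not line.strip():
            continue
        key, word = line.split()
        if len(key) != DICE_PER_WORD or set(key) - set("123456"):
            raise ValueError(f"bad roll key: {key!r}")
        if key in words:
            raise ValueError(f"duplicate roll key: {key!r}")
        words[key] = word
    return words

def roll_key():
    """Simulate five fair dice with the OS CSPRNG (secrets, not random)."""
    return "".join(str(secrets.randbelow(6) + 1) for _ in range(DICE_PER_WORD))

def passphrase(wordlist, n_words=6, rolls=None):
    """Build a passphrase from supplied rolls, or from fresh CSPRNG rolls."""
    if rolls is None:
        if len(wordlist) != LIST_SIZE:
            raise ValueError("random generation needs the complete word list")
        rolls = [roll_key() for _ in range(n_words)]
    return " ".join(wordlist[r] for r in rolls)

def entropy_bits(n_words):
    """Each word is one of 6**5 equally likely choices."""
    return n_words * math.log2(LIST_SIZE)

if __name__ == "__main__":
    demo = ["21633", "16521", "31336", "13263", "52452", "33535"]
    print(passphrase(parse_wordlist(SAMPLE_LIST), rolls=demo))
    print(f"{entropy_bits(6):.1f} bits for six words")
```

Physical dice remain the reference method; a software generator is only as trustworthy as the machine and random source it runs on.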

The webcomic xkcd provides an illustrated explanation of why passphrases are so effective.

However, many users will understandably hesitate to use passphrases, because this means that - assuming they subscribe to best practices - they will have to remember a series of six completely random words for each of their accounts.

This is where password managers prove their worth. Using a password manager to save your passphrases, and securing the manager itself with a passphrase, allows you to optimally secure your accounts without the need to worry about forgetting all of your access credentials.

For more means of improving your business’ use of technology, subscribe to our blog, or reach out to us directly at 603-889-0800.

White Mountain IT Services
33 Main Street Suite 302
Nashua, New Hampshire 03064

 
