Five simple steps to a truly secure password by Alex Smith, Director, Intermedia on 02-May-2014

The Heartbleed bug, a major internet security flaw, recently had businesses scrambling to change their passwords. But now the dust is starting to settle, it's time for organisations to create strong passwords which will have the best chance of protecting their information, says Alex Smith, director of sales engineering at Intermedia.

In the era of Big Data, erecting a strong security wall has become more important than ever and a password is a business' first line of defence. Here are my five top tips to help you create a strong password.

1. Go BEYOND the '8 character wall'

   Password strength

   
   

   Password	Time to crack
   password	2.17 secs
   Pass-wØrd	2.43 months
   Pass-word123	1740 centuries
   Pass-word12345	15.67 million centuries

   
   
   
   Passwords with 8 or fewer characters are worthless. Even though there are zillions of password combinations, a determined hacker with a botnet (or even a legal cloud computing platform) at his or her disposal can crack it in seconds. Make it 12 characters and it suddenly takes far more resources and time than the hacker will deem it worth. To see for yourself take a look at the insert box and check this out.


2. Create UNIQUE passwords. One for every site
   Hackers love going after innocuous sites because they know that people often use the same password across more valuable sites, like their online banking. Plan for the eventuality that one of your accounts will be breached - never use the same password twice.


3. Get VERY creative
   Take a look at this list of the 100 most common passwords found in a batch stolen from Adobe. If your password is on there (follow the link) - or, more importantly, if your password is even barely recognisable as English – it isn't secure enough.


4. Religiously change passwords every six months
   Assume that one of the sites you use will be hacked - the best protection is to habitually change your passwords.


5. Use a secure password management service to simplify your life
   These services enable you to manage passwords from one location. By using computer-generated passwords, a password management service will create one that isn't in the top 100 million of human-made passwords. What's more, the service will automatically change passwords for you and store them in an encrypted wallet. The only snag is that forgetting the master password can mean you're locked out – but that's a small price to pay for your security.

return to BW briefs