Contact us today!
561-795-2000 
844-795-2001

FRS Pros Blog

Tip of the Week: Taking Your Password Practices to the Next Level

Tip of the Week: Taking Your Password Practices to the Next Level

Passwords… can be annoying, if we’re being honest. They are, however, also incredibly important to your business’ overall security strategy. We’ve all heard the suggestions on how to create secure passwords. As it turns out, there is more to modern security then that. Let’s explore a few options to help you create useful passwords, and take a look why passwords are only the beginning. 

Don’t Neglect the Tried and True Rules

While we want a password to be easy to remember, we also don’t want it to be easy to guess. This is why we can’t help but shake our heads at the top-15 results of an analysis of data collected from the security website Have I Been Pwned:

  1. 123456 
  2. 123456789 
  3. qwerty 
  4. password
  5. 1111111 
  6. 12345678 
  7. abc123 
  8. 1234567 
  9.  Password1
  10. 12345 
  11. 1234567890
  12. 1123123 
  13. 000000 
  14. Iloveyou
  15. 1234 

Many of these passwords clearly break some of the cardinal rules of password security, such as ensuring that there is a mix of character types included in the password, making sure that the password is of sufficient length, or using obvious words, like “qwerty” or “password.”

What’s worse, it is probably a safe bet that many of the owners of these passwords had a tendency to recycle them across their accounts, putting more of their accounts at risk. None of this is a good thing for security, of course. 

You definitely should not be using the same password to get into different accounts. This is not a good practice. The reason is pretty easy to explain: If a password were to be compromised for one account, that would mean that multiple accounts would be compromised. 

A Proven Means of Securing Your Accounts

There are several different ideas about how to do this. One means is to use a passphrase - a series of random words, rather than characters, that is both significantly more secure than most passwords and is easier for a user to remember.

However, as is so often the case, you can start to encounter difficulties once the human element is introduced. We, as a species, tend to gravitate towards patterns, so we have difficulties creating a truly random series of words in our own.

To counter this, an IT professional named Arnold Reinhold developed Diceware, a reliable means of generating a passphrase for yourself.

Referencing the Diceware word list, roll five dice (or one die, five times) and find the corresponding word to the values you rolled. Repeat this process until you have a total of six or seven words, and you’ve got your passphrase.

Why the dice? Simple - it makes it much more random, even than a user “randomly” selecting words from the list of potential words to include.

A Demonstration

Let’s say we were to use this method now, and rolled the following number sets:

      • 21633
      • 16521
      • 31336
      • 13263
      • 52452
      • 33535

Referencing the word list, this gives us the following words...

      • Criss
      • Choke
      • Gluing
      • Bambi
      • Rust
      • Ice

...and, as a result, our passphrase.

The webcomic xkcd provides an illustrated explanation of why passphrases are so effective:

However, many users will understandably hesitate to use passphrases, because this means that - assuming they subscribe to best practices - they will have to remember a series of six completely random words for each of their accounts.

This is where password managers prove their worth. Utilizing a password manager to save your passphrases, and securing it with one, allows you to optimally secure your accounts without the need to worry about forgetting all of your access credentials.

For more means of improving your business’ use of technology, subscribe to our blog, or reach out to us directly at 561-795-2000.

Google Knows a Lot About You. Here’s How to Contro...
Some of the Worst Data Breaches Since September

By accepting you will be accessing a service provided by a third-party external to https://frspros.com/

Mobile? Grab this Article!

QR-Code

Tag Cloud

Tip of the Week Security Technology Best Practices Productivity Business Computing Network Security Privacy Internet Hackers User Tips Software Cloud Google Innovation Efficiency Microsoft Hardware Data Hosted Solutions Email Business Management Communication Computer Windows 10 Tech Term Cybersecurity Smartphones Malware Mobile Devices Small Business IT Services IT Support Business Data Backup Android Backup Workplace Tips Disaster Recovery Office 365 Data Recovery Browser Outsourced IT Upgrade Smartphone Collaboration VoIP Windows Internet of Things Gadgets Phishing Apps Users Communications Cloud Computing Data Security Cybercrime Business Continuity Information Ransomware Automation Network Saving Money Managed IT Services Facebook Microsoft Office Managed Service Passwords Operating System Miscellaneous Mobile Device Management Employer-Employee Relationship Vulnerability Health Quick Tips Wireless Covid-19 OneNote Blockchain Two-factor Authentication Money Artificial Intelligence Alert Server Law Enforcement Social Media Best Practice Holiday Applications Chrome Mobile Device Mobile Office IT Support Virtualization Managed IT Services Information Technology Managed IT Networking Conferencing Spam Router Bandwidth Data Breach Password Google Drive Settings Data Storage Hacking Access Control Gmail Printing Windows 10 Save Money Bring Your Own Device Computers Managed Service Provider Retail Unsupported Software Augmented Reality BYOD Windows 7 Word Telephone Systems App Patch Management Project Management Tech Support Hard Drive Display Safety History Devices Telephony SaaS Human Resources Battery Proactive IT Touchscreen Hosted Solution Payment Cards Risk Management WiFi Avoiding Downtime Mobility Travel Search Paperless Office Excel Management File Sharing Fraud Wi-Fi Mobile Security Update Audit Vendor Politics HIPAA Meetings Evernote Shortcut Going Green Data Protection Social Google Assistant Government User Error Budget Hybrid Cloud BDR Voice over Internet Protocol Cost Management Wireless Technology Remote Workers Robot IT Management Cortana Data Management Marketing Data Loss WannaCry The Internet of Things Commerce Business Technology Productivity Application VPN iPhone Software as a Service Wireless Charging Sports Encryption Google Docs Copiers Training Data storage Gifts Computing Business Intelligence Solutions Consultant Windows Ink Chromecast Virtual Assistant E-Commerce Testing ROI Internet Service Provider Remote Monitoring Licensing Updates Memory Managed Services Provider Remote Computing Comparison Internet Exlporer YouTube PC CRM Outlook Computer Forensics Peripheral Instant Messaging Hacker Threats Video Conferencing IT solutions Microsoft Excel IT budget Inventory Credit Cards App store Chromebook Co-Managed Services Emergency Digital Signage Printer Google Maps Spyware Alexa for Business Specifications Virus Uninterrupted Power Supply Camera Windows Server 2008 R2 Microsoft Word Financial Payroll Point of Sale Facebook Privacy iOS WIndows Server 2008 Employees Entertainment AI Laptop Keyboard Scams Organization Windows 10s Transportation HBO Computer Care Nanotechnology Telephone Firewall PCI DSS Screen Mirroring Private Cloud Apple Employee Identity Theft Sales Proactive Projects Workstation Unified Threat Management Tablets Maintenance Security Cameras Office eCommerce DDoS OneDrive Smartwatch Touchpad Sync Files PowerPoint Admin Virtual Private Network Solid State Drive Storage Social Engineering Vendor Management Hosted Desktop Root Cause Analysis FAQ Disaster Hyperlink Processor Regulations Compliance Emails Cast Edge Recovery Compliance Break/Fix Computer Fan Websites Identity Printers Development Telework Upgrades NFL eWaste Machine Learning Scam Fiber Optics Employee-Employer Relationship Server Maintenance Remote Work Humor Wireless Internet Saving Time Education Hard Disk Drive Identities Samsung Smart Devices Charger Value Wasting Time Benchmarks Policy Ciminal Administrator Medical IT Holidays Data Theft Lithium-ion battery Data Privacy Micrsosoft Audits Personal Information Device Security Streaming Media Amazon Downtime Legal Investment Net Neutrality Adobe Workers Gamification Keyboard Shortcuts Managed IT Service IT Solutions Legislation Language 5G Antivirus Sabotage Troubleshooting Accessory Myths Procedure Webinar Reputation Access Monitors Mobile Computing Computer Accessories Congratulations Flexibility Music Smart Technology Television CrashOverride Text Messaging Company Culture Scalability Analytics Office tips es Communitications Advertising Black Market Cleaning Big Data Automobile Managing Stress USB Worker End of Support How To Books HaaS Video Games Experience Hiring/Firing Relocation Work/Life Balance Virtual Reality Regulation Current Events Electronic Medical Records Crowdsourcing Employer Employee Relationship Thank You Phone System Cache Benefits PDF Twitter Save Time