Bill Carey
Bill Carey

It is exasperating the number of passwords that enterprise and individual computer users must remember, let alone manage. It lends itself to subconscious or overt rebellion, with users using a maximum of two to three common and recurring passwords for network and website access. Under this scenario, phishers rejoice – all the way to the bank.

That said, proper and effective password management involves more than diligently creating separate passwords for the network, ATM, website and telephone-based system access. Personal information is an unacceptable choice because they are easy to guess and hack. An infinitely more acceptable – and more importantly, secure – strategy involves smarter password creation and the use of formal password management systems.

Simple password creation and management involves such practices as employing a mixture of easily remembered capital and lower-case letters, numbers and symbols, using the first letter of each first word in a favorite song (i.e., “What Goes Up Must Come Down” by Blood, Sweat and Tears = WguMCDBst), changing your passwords monthly or bi-monthly, and choosing passwords typing a line above on the keyboard, e.g., DailyDouble becomes Eq8o6E97go3.

When the sheer number of passwords becomes too overbearing, too many to remember, professional password management solutions use a variety of encryption tools to create random passwords of more than 500 characters implemented with a single keystroke or two. Some go an extra step by requiring a stored URL – even to log a user onto a website.

Effective password management need not be a foreboding exercise that keeps system managers and individual users awake at night. Despite the fact that all passwords are subject to phishing, simple-to-complex management solutions can frustrate even the most sophisticated hacker, keeping your information secure and prompting the “bad guys” to look elsewhere.