The number of passwords that enterprise and individual computer users must remember, let alone manage, is exasperating. It invites subconscious or overt rebellion, with users falling back on a maximum of two to three common and recurring passwords for network and website access. Under this scenario, phishers rejoice – all the way to the bank.
That said, proper and effective password management involves more than diligently creating separate passwords for network, ATM, website and telephone-based system access. Personal information is an unacceptable choice for a password because it is easy to guess and hack. An infinitely more acceptable – and more importantly, secure – strategy involves smarter password creation and the use of formal password management systems.
Simple password creation and management involves such practices as employing an easily remembered mixture of capital and lower-case letters, numbers and symbols; using the first letter of each word in a favorite song (e.g., “What Goes Up Must Come Down” by Blood, Sweat and Tears = WguMCDBst); changing your passwords monthly or bi-monthly; and choosing passwords by typing each character one row above on the keyboard, e.g., DailyDouble becomes Eq8o6E97go3.
When the sheer number of passwords becomes overbearing, with too many to remember, professional password management solutions use a variety of encryption tools to create random passwords of more than 500 characters, entered with a single keystroke or two. Some go an extra step by requiring a stored URL – even to log a user onto a website.
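The stored-URL step is what lets a password manager hold back a credential on a look-alike page. The sketch below is an added example, not code from any product: `Vault`, `origin` and the sample URLs are hypothetical, and releasing a password only on an exact scheme, host and port match is an assumed policy.

```python
import secrets
import string
from urllib.parse import urlsplit

ALPHABET = string.ascii_letters + string.digits + string.punctuation
DEFAULT_PORTS = {"https": 443, "http": 80}


def generate_password(length=32):
    """Draw each character from the OS CSPRNG (secrets), never from random."""
    return "".join(secrets.choice(ALPHABET) for _ in range(length))


def origin(url):
    """Reduce a URL to (scheme, host, port); path, query and userinfo are ignored."""
    parts = urlsplit(url)
    scheme = parts.scheme.lower()
    host = (parts.hostname or "").lower().rstrip(".")
    port = parts.port or DEFAULT_PORTS.get(scheme)
    return scheme, host, port


class Vault:
    def __init__(self):
        self._entries = {}  # origin tuple -> generated password

    def add(self, stored_url, length=32):
        key = origin(stored_url)
        if key[0] != "https" or not key[1]:
            raise ValueError("store credentials for https origins only")
        self._entries[key] = generate_password(length)
        return self._entries[key]

    def fill(self, page_url):
        """Return the password only for an exact origin match, else None."""
        try:
            return self._entries.get(origin(page_url))
        except ValueError:  # malformed host or port in the requesting URL
            return None


if __name__ == "__main__":
    vault = Vault()
    vault.add("https://bank.example/login", length=501)  # constructed URL
    for url in ("https://bank.example/account",           # same origin
                "https://bank.example.evil.test/login"):  # look-alike host
        print(url, "->", "fill" if vault.fill(url) else "refuse")
```

Because the user never types the generated password, a page on any other origin has nothing to capture unless the user overrides the refusal by hand.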
Effective password management need not be a foreboding exercise that keeps system managers and individual users awake at night. Despite the fact that all passwords are subject to phishing, simple-to-complex management solutions can frustrate even the most sophisticated hacker, keeping your information secure and prompting the “bad guys” to look elsewhere.