Good Password Practices









 It can be difficult to choose a good password: the password should be fairly long and shouldn't be guessable, but at the same time it should be easy to remember. Here are a few reminders of good password practices:

• Choose a good password that will be hard to crack.
• Never share your password; you may be held responsible for any emails sent by people with whom you share it.
• Don’t use the same password for all your accounts.
• Avoid using non-secure networks at places such as hotels, cafes, etc. to send private information.
• Change your password after using a non-secure network.
• Change your password with some frequency (that is, from time to time).
• Change your password after traveling abroad and using non-secure networks or machines.
• Never store your password in a program, even if the program or browser asks you to.
• Consider storing your passwords to departmental shared resources with IT Security.
• Never write down a password. If you do, be sure to shred it as soon as possible.

 Selecting good passwords
  • Use letters from a phrase or song lyric.
   Think up a phrase. For example, “Marx’s Communist Manifesto has 8196 words in it!”. Once you've decided on the phrase, choose the first (or last, or the second, or whatever) letter from each word: [M]arx[’s] [C]ommunist [M]anifesto [h]as [8196] [w]ords [i]n [i]t[!]
   You’ll notice that this example includes all the punctuation. This is to improve the quality of the password.
   So, your password would be M’sCMh8196wii!. It is a nice, long password with a good mixture of character classes.
  • Rearranging words with numbers.
   You can reverse a particular word and then change the last five letters of the new word to their numeric equivalents to complete the password, e.g. Ceremonious → Suoinomerec → Suoinom51853 or Apprehensive → Evisneherppa → Evisneh51816161. Note that the passwords begin with an uppercase letter. Remember that a password should be fairly long and not guessable, and at the same time easy to remember.
  • Combine a few pronounceable nonsense words with punctuation.
   For example, nuit+Pog=tWi. Pronounceable nonsense words are easier to remember than random characters. In this example the words have been combined in a way that is similar to an arithmetic formula, which makes it easier to remember. Here the password is nuit+Pog=tWi. You may want to use other punctuation for similar reasons.
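
The phrase method and the reversed-word method above, worked through in Python as an added example (not part of the original article). The function names are assumptions made for illustration, and the number of trailing letters converted is a parameter because the two worked words on this page come out to four and five letters respectively.

```python
def phrase_to_password(phrase):
    """Keep the first character of each word, whole numbers, and any
    punctuation together with what follows it (the ’s in Marx’s)."""
    parts = []
    for word in phrase.split():
        if word.isdigit():
            parts.append(word)  # 8196 stays 8196
            continue
        # Position of the first character that is not a letter or digit.
        cut = next((i for i, ch in enumerate(word) if not ch.isalnum()), len(word))
        parts.append(word[0] + word[max(cut, 1):])
    return "".join(parts)


def reverse_with_numbers(word, n):
    """Reverse the word, capitalise it, and replace its last n letters
    with their positions in the alphabet (a=1 ... z=26)."""
    if not (word.isascii() and word.isalpha()) or not 1 <= n <= len(word):
        raise ValueError("need an ASCII word and 1 <= n <= len(word)")
    rev = word[::-1].lower()
    head, tail = rev[:-n], rev[-n:]
    return head.capitalize() + "".join(str(ord(ch) - ord("a") + 1) for ch in tail)


def character_classes(password):
    """Return which character classes appear in the password."""
    classes = set()
    for ch in password:
        if ch.islower():
            classes.add("lower")
        elif ch.isupper():
            classes.add("upper")
        elif ch.isdigit():
            classes.add("digit")
        else:
            classes.add("symbol")
    return classes


if __name__ == "__main__":
    # The phrases and words below are the ones used on this page.
    candidates = [
        phrase_to_password("Marx’s Communist Manifesto has 8196 words in it!"),
        reverse_with_numbers("Ceremonious", 4),
        reverse_with_numbers("Apprehensive", 5),
        "nuit+Pog=tWi",
    ]
    for pw in candidates:
        print(pw, len(pw), sorted(character_classes(pw)))
```

Running it prints each password with its length and the character classes it contains, which makes the "good mixture of character classes" claim checkable for any phrase you pick.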

   Handling many passwords

In the modern Internet environment, people often find that they need to juggle multiple passwords for their email accounts, the web sites they visit, and the different Internet-based services that they wish to use. While it is impractical to create a completely different password for every web site or account, using the same password in multiple locations is very dangerous: if the password is stolen from any one of the places where it is used, it can be used elsewhere as well.

Below are a few ideas on various ways to handle the increasing number of passwords that seem to be required these days while not making the passwords easy to guess.

• Consider what the password is protecting when choosing a password.
• Some services may not require as secure a password if they do not contain any private information.
• Consider your password as multiple parts: a central core of the password and a prefix and/or suffix which is specific to the service that is being protected.
• The passwords protecting your most sensitive information should always be different than other passwords.
• Some groups may wish to securely store passwords with a third party to prevent the loss of passwords through any number of factors.


