Tips to Make a Secure Password

PC, a server, a tablet, a smartphone, or any other digital device to access information, choosing strong passwords for the programs and services you use is essential. While a weak password may not always be the primary cause of IT services getting hacked, it can contribute greatly to the scope and severity of a hacking attempt.

To help you make the most secure passwords possible – both for administrators and for end-users – I’ve assembled ten bits of advice that should improve the strength and effectiveness of your passwords.

There are several third-party applications that can help you automate and enforce password policies or allows users to reset their own passwords.

1. Adopt a password change policy
One of the best defenses against stolen passwords is to frequently change the passwords being used. There’s always a balance between security on one hand and usability on the other, so forcing passwords changes too often can lead to an excessive burden on users.

2. Use caps and special characters
Passwords that consist solely of traditional text characters can be easier to guess and hack by attackers.

3. Avoid common words
It’s a tired old joke in IT circles: Many users adopt some of the most obvious and most insecure words for their passwords, ranging from the ubiquitous “password” to using their first names, name of their company, or the brand name of the monitor they were staring at when they came up with the password.

4. Enforce a minimum password length
In addition to comically simple passwords like “password” and “beer,” another common problem with many passwords are that they’re simply too short. “ABC” and “123” may be easy to remember, but they’re equally as easy for attackers to compromise.

5. Create unique passwords for each service
One of the ways that password breaches can become exponentially more damaging is if users are employing the same password on multiple services. If an attacker gains access to one service – say the corporate Facebook account – then he or she could potentially reuse that username and password combination on dozens of other cloud services.

6. Use a biometric fingerprint scanner
Biometric hardware has advanced significantly in the past few decades, so authentication methods which once seemed like science fiction – the ability to scan fingerprints, analyze typing patterns, or recognize a users facial features – are now a reality.