Choosing a more secure passphrase; good password hygiene

Simple passwords are extremely easy to compromise. Complex passphrases are not, but they are more difficult to remember. The balance you require will depend on the sensitivity of your company’s data, which your password is there to protect. Your level of password complexity may also include further ‘authentication steps’ (i.e. two factor authentication) and depends on the impact (reputational and financial) which a compromise could cause.

A computer system is only as strong as its weakest link
‘Password Complexity’ requirements for network and PC use can be enforced at computer and network level. Password complexity for third party systems such as websites and other software is less likely to be enforced by your company. In an ideal world, everyone would learn the skills needed to diligently ensure their own good password hygiene.

Password Hygiene
Use a Password ‘Safe’
The best strategy is to have a different password for every website or secure logon you have. Most people could not remember all of these, so a ‘Password Safe’ (e.g. http://lastpass.com), unlocked with your ‘master password’, can be extremely useful. These can securely replicate your password database between your mobile phone, computer and websites to ensure your passphrases are available wherever you need them.

A corporate account can also be useful as a central business repository, possibly as part of a Business Continuity Plan.

Choose multiple levels of password security 
If you cannot use different passwords, try using different ‘grades’ – for example use 3 passwords with the simplest reserved for unimportant website logins, a more secure one for sensitive information including social websites or those which store your credit card details and the most secure as your bank and network logins.

Hints and Tips for a more secure Password / Passphrase

Change Regularly
Changing a password every 30 days can be frustrating and disruptive. If the rest of your corporate security has been changed to strongly resist compromise, then this can be lengthened to an interval of 60 or even 90 days, depending on your environment.

Don’t include your name, relative’s names or other associated words. 
If you told your password to your ‘best friend’, they should not recognise any link to you: no birthdays, children’s names, street names etc.

Don’t include the word ‘password’
The word ‘password’ is one of the most common – and easily guessed – passwords.

Don’t reuse words from older passwords 
Iterating your password (password1, password2, password3) greatly increases the likelihood of compromise.

Misspell words
Password cracking tools initially rely on dictionary attacks. Instead of ‘geology’ try ‘geeology’.

Increase its Length 
Minimum 8, preferably 10 or longer. Phrases can be useful (misspelt ‘a geology degree’ = ‘ageeologydegree’)

Capitalise
The more the merrier — alternating is even better: ‘aGeeologyDegreE’

Replace letters with numbers 
o=0, l=1, e=3 etc… becomes ‘aGee0logyDegre3’

Special Characters
Add characters or replace letters with punctuation or special characters. Try replacing a with @: ‘@Gee0logyDegre3!’. Note that this has become quite a secure passphrase.

More examples of secure passphrases:
welcome home => W3lcome.H0me
merry christmas => !m3rry*Chr1stm@s
i believe i can fly => 1B3l1eve1C4n7ly.
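
The hints above can be turned into an automated check. The following is an added example, not code from Intersys: the function names, finding strings and sample inputs are assumptions made for illustration. It reverses the letter substitutions listed above before looking for banned words, so that a swapped character (‘P@ssw0rd’) does not hide the word ‘password’, a personal word or a reused older password.

```python
import re

# The page's substitutions (o=0, l=1, e=3, a=@), reversed so that a swapped
# character cannot hide a banned word from the checks below.
UNLEET = str.maketrans({"0": "o", "1": "l", "3": "e", "@": "a"})

def normalise(text):
    """Lower-case, undo the substitutions, keep letters only."""
    return re.sub(r"[^a-z]", "", text.lower().translate(UNLEET))

def stem(text):
    """Normalised form with any trailing counter or punctuation removed."""
    return normalise(re.sub(r"[\d\W_]+$", "", text))

def audit(pw, personal_words=(), old_passwords=()):
    """Return the hints from this page that `pw` fails (empty list = none)."""
    plain, base, findings = normalise(pw), stem(pw), []
    if len(pw) < 8:
        findings.append("length: under the minimum of 8")
    elif len(pw) < 10:
        findings.append("length: 10 or longer preferred")
    if "password" in plain:
        findings.append("contains the word 'password'")
    for word in personal_words:
        if normalise(word) and normalise(word) in plain:
            findings.append(f"contains personal word: {word}")
    # password1 -> password2 style iteration of an older password
    if base and any(stem(old) == base for old in old_passwords):
        findings.append("iterates an older password")
    if not (re.search(r"[a-z]", pw) and re.search(r"[A-Z]", pw)):
        findings.append("no mixed capitalisation")
    if not re.search(r"\d", pw):
        findings.append("no numbers")
    if not re.search(r"[^A-Za-z0-9]", pw):
        findings.append("no special characters")
    return findings

if __name__ == "__main__":
    # The three stages of the page's own worked passphrase.
    for sample in ("ageeologydegree", "aGee0logyDegre3", "@Gee0logyDegre3!"):
        print(sample, "->", audit(sample) or "passes every hint")
```
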