Passwords

The very first item that always comes up when talking about CyberSecurity is using good passwords.

When we talk about good passwords, we're not talking about passwords that are completely random. We're talking about passwords that are constructed well - passwords that couldn't be guessed by even your closest friend and that you can remember without recording on a yellow sticky on the bottom of your screen.(A password can be as secure as humanly possible and be completely useless if you cannot remember it)

To maximize security, a password should be longer than 8 characters, contain at least 1 number and have 1 or 2 special characters within it. Let's look at one method of creating a good password.

Crafting a Strong Password

When making a password, use something like a phrase that you will recognize and that you can turn into a password. Don’t use your family members name or my mother in law's name is Dragon

Use something a bit more impersonal, like The Rabbitohs are an great football team”. It's worth pointing out that if you are known as the Rabbitohs greatest fan, then this may not be the phrase for you! This is a good example of a starting phrase (and they’d be a great team if only... ). Take the 1st letter of every single word we've got. 'traagft' - we've got 6 letters that we can use as the foundation of a good password. So next step, we change the case of one of the letters from lower case to a capital – Possibly the first letter, 'T', or to throw people off the scent, we could capitalize the second letter, 'R', and the 'G'. 

Now, we've turned a simple password into a slightly stronger password. 'tRaaGft'. Next, add some numbers to our six letters. For example, you could add the four digits of the year that was the last time the Rabbitohs won a grand final. However, passwords should not guessable. If you are well known to be a avid Rabbitoh's fan, something like 'tRaaGft2014' may not be the best idea because it would be easily guessed by someone who frequents your social media. So you might like to take a decade off that number. Or possibly just put in a random 4 digit number.

So then we've got a password which is tRaaGft2004. Let's make this a somewhat more secure password by adding a pair of punctuation marks to the password - in this particular example, I'm gonna take the easy route as this is a demonstration. We'll put a full stop at the at the start of the password and an exclamation mark at the end of the password. So our password is now “.tRaaGft2003!”. 

We've gone from a easily guessed password to a more complex password that is otherwise a memorable password.

TRAAGFT -> .tRaaGft2003!

So going back to the very start: Create passwords that are complex enough to be useful, but relevant enough to you to remember. If you are going to record your password, preferably do it in something like a password locker app, and definitely not on a piece of paper on your desk or screen.   

Last warning - DON'T share your password or use the same password for everything you do. If people need access to documents or items that you have, use a proper system, where everyone accessing the files or systems have their own password. 

After all, shared passwords are known to be one of the biggest cybersecurity problems in the industry.  

 Mark lesson complete

Comments are closed.

{"email":"Email address invalid","url":"Website address invalid","required":"Required field missing"}