Practice Safe Passwords: A Quick Guide to Password Security

Your server is only as secure as your weakest password. As a rule of thumb, the more lengthy and complex a password, the stronger it is. Follow the best practices below for generating difficult to crack passwords.

Best Practices

DOs

  • DO Use Passwords of At Least Ten Characters: The more characters, the more difficult a password is to crack. Length is key. Create lengthy passwords of at least 10 characters!
  • DO Create Unique Passwords: Each password you use should be for a unique service (ex. cPanel, MySQL, and your bank account should all have different passwords).
  • DO Use a Combination of Character Types: Use numbers, lowercase letters, uppercase letters and symbols in your password. (ex. XkeDZaJ6QG3E8!jKq3%yIOd3)
  • DO Change Your Password Often: Change your passwords at least every six months, if not every three months.
  • DO Randomly Generate the Password: Use one of the following sites to generate a secure password: Norton by Symantec, Random.org, or Random Password Generator

DO NOTs

  • DO NOT Use Dictionary Words: This one should be obvious. If your password is pizzatime, your server is probably already cracked.
  • DO NOT Use Pets, People, Places, Events, etc.: We’re absolutely sure your dog is adorable. But, her name probably isn’t a good password. Unless her name is Tmb1W\>r~ii, then that’s cool.
  • DO NOT Reuse Passwords: Let’s say your first password for an account was gCB7%TT^Vm but you were forced to change your password, so you changed it to v8@#TsVaiQ. If you have to change the password for that account again, do NOT go back to gCB7%TT^Vm. Create a new, unique password instead!
  • DO NOT Use Adjacent Keyboard Strings: qwerty1234 is not a good password.

Examples

BAD Passwords
awesomedog
sunshine12
coolguy18
kerri28
password
root
jasonthehoff
jimhalpert

GOOD Passwords (but don’t use these)

Tmb1W\>r~ii
Da$up#aPhAJ*cRe3
*@7X#JjI6j4e#cC2axjFz%j@
gCB7%TT^Vm
v8@#TsVaiQ
8c0e^zi&ISEk%9&0Wa

Remembering Passwords

A password like *@7X#JjI6j4e#cC2axjFz%j@ is likely going to be difficult for most people to remember. But, a long password is difficult to crack, and can be crafted from some common piece of information. A joke, a hobby, a book/movie quote, or an interest of some sort can be used as the basis for a secure password. Take the quote, “Life — uh — finds a way,” from Jurassic Park. We can build this into a secure password by changing out some characters and adding a few numbers: L1f3-;uH;-F1nd54wAy! That’s a secure password that would be much easier to remember.

Password Managers can remember passwords for users. Keep in mind, however, that a Password Manager is a gateway to ALL of your passwords. Having one password that can access all the rest of your passwords and sites is certainly very risky, and against best practices.



Tagged with:

Published by

Be Sociable, Share!
Here's $75, Launch a New VPS Today. Find out why 30,000 customers have chosen our Best-in-Class Performance & 24x7 Heroic Support.