Practice Safe Passwords: A Quick Guide to Password Security

Your server is only as secure as your weakest password. As a rule of thumb, the longer and more complex a password is, the stronger it is. Follow the best practices below for generating difficult-to-crack passwords.

Best Practices

DOs

  • DO Use Passwords of At Least Ten Characters: The more characters, the more difficult a password is to crack. Length is key. Create lengthy passwords of at least 10 characters!
  • DO Create Unique Passwords: Each password you use should be for a unique service (ex. cPanel, MySQL, and your bank account should all have different passwords).
  • DO Use a Combination of Character Types: Use numbers, lowercase letters, uppercase letters and symbols in your password. (ex. XkeDZaJ6QG3E8!jKq3%yIOd3)
  • DO Change Your Password Often: Change your passwords at least every six months, if not every three months.
  • DO Randomly Generate the Password: Use one of the following sites to generate a secure password: Norton by Symantec, Random.org, or Random Password Generator.

DO NOTs

  • DO NOT Use Dictionary Words: This one should be obvious. If your password is pizzatime, your server is probably already cracked.
  • DO NOT Use Pets, People, Places, Events, etc.: We’re absolutely sure your dog is adorable. But, her name probably isn’t a good password. Unless her name is Tmb1W\>r~ii, then that’s cool.
  • DO NOT Reuse Passwords: Let’s say your first password for an account was gCB7%TT^Vm but you were forced to change your password, so you changed it to v8@#TsVaiQ. If you have to change the password for that account again, do NOT go back to gCB7%TT^Vm. Create a new, unique password instead!
  • DO NOT Use Adjacent Keyboard Strings: qwerty1234 is not a good password.

Examples

BAD Passwords
awesomedog
sunshine12
coolguy18
kerri28
password
root
jasonthehoff
jimhalpert

GOOD Passwords (but don’t use these)

Tmb1W\>r~ii
Da$up#aPhAJ*cRe3
*@7X#JjI6j4e#cC2axjFz%j@
gCB7%TT^Vm
v8@#TsVaiQ
8c0e^zi&ISEk%9&0Wa
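
The DOs and DO NOTs above, written as a checker plus a local generator that draws from the operating system's secure random source. This is an added example, not part of the original guide: the word list is a small constructed sample, the four-key threshold for keyboard strings is an assumption, and the names `check`, `generate` and `has_keyboard_run` are chosen here.

```python
import secrets
import string

# Policy values taken from the guide's DOs: ten characters, four character types.
MIN_LENGTH = 10
CLASSES = (string.ascii_lowercase, string.ascii_uppercase, string.digits, string.punctuation)
# Constructed sample word list; a real check would load a full dictionary file.
SAMPLE_WORDS = {"password", "sunshine", "awesome", "pizza", "root", "cool", "dog"}
# US QWERTY rows (assumed layout) used to spot adjacent keyboard strings.
KEYBOARD_ROWS = ("1234567890", "qwertyuiop", "asdfghjkl", "zxcvbnm")


def has_keyboard_run(pw, run=4):
    """True if pw contains `run` adjacent keys from one row, in either direction."""
    low = pw.lower()
    for row in KEYBOARD_ROWS:
        for seq in (row, row[::-1]):
            for i in range(len(seq) - run + 1):
                if seq[i:i + run] in low:
                    return True
    return False


def check(pw, previous=()):
    """Return the list of guide rules that pw breaks (an empty list means it passes)."""
    problems = []
    if len(pw) < MIN_LENGTH:
        problems.append("shorter than 10 characters")
    if not all(any(c in cls for c in pw) for cls in CLASSES):
        problems.append("missing a character type")
    if any(word in pw.lower() for word in SAMPLE_WORDS):
        problems.append("contains a dictionary word")
    if has_keyboard_run(pw):
        problems.append("contains an adjacent keyboard string")
    if pw in previous:
        problems.append("reuses an earlier password")
    return problems


def generate(length=16):
    """Draw characters from the OS CSPRNG until the result passes check()."""
    if length < MIN_LENGTH:
        raise ValueError("length must be at least 10")
    alphabet = "".join(CLASSES)
    while True:
        pw = "".join(secrets.choice(alphabet) for _ in range(length))
        if not check(pw):
            return pw
```

Every entry in the BAD list above returns at least one problem from `check`, and `generate()` produces the password on your own machine instead of on a website.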

Remembering Passwords

A password like *@7X#JjI6j4e#cC2axjFz%j@ is likely going to be difficult for most people to remember. But, a long password is difficult to crack, and can be crafted from some common piece of information. A joke, a hobby, a book/movie quote, or an interest of some sort can be used as the basis for a secure password. Take the quote, “Life — uh — finds a way,” from Jurassic Park. We can build this into a secure password by changing out some characters and adding a few numbers: L1f3-;uH;-F1nd54wAy! That’s a secure password that would be much easier to remember.

Password Managers can remember passwords for users. Keep in mind, however, that a Password Manager is a gateway to ALL of your passwords. Having one password that can access all the rest of your passwords and sites is certainly very risky, and against best practices.
