Have you noticed that password rules are getting crazier by the day?
On many websites, not only do they have to be eight or more characters long, passwords have to have an uppercase, lowercase and a numeral, contain a special character, not contain spaces, and more! The password rules list seems to be growing ever longer, with each site having its own unique set of rules.
Remembering these zillions of password combinations can make one pull their hair in desperation. To make matters worse, several websites also require us to change passwords periodically!
Common Password Mistakes
Remembering passwords can be such a frustrating experience that people often resort to using the same password on multiple sites. They write it down and store it is an unsafe place or save it on a file that can be easily hacked! Did you know that some of the worst passwords are the like the ones in the image on the right?
Security staff at companies and financial institutions constantly worry about the "best practices" for their organization and clients' cyber safety. An important consideration is the right length of time before changing passwords. Earlier thinking was that passwords should be changed at least once in six months. Recent studies however suggest that forcing people to change passwords is often counterproductive and a waste of time.
Human psychology is partly to blame for this. Instead of choosing a totally new password, most users merely add a character or two after their existing password if they are forced to make a change! Besides users tend to use the same password wherever possible so as to limit their ability to forget. Unfortunately in the wrong hands, it is like losing a single key to all your valuables.
So what can one do?
Here are some simple rules that should hopefully get you a safe password that you can count on.
- Make sure your password does NOT contain personal information that can be easily discovered.
- AVOID names of TV shows, celebrities, hobbies, sports.
- You SHOULD use upper and lower case and special characters.
- Your password SHOULD be 8 characters or longer.
- It SHOULD be hard to guess, so consider using words spelled backwards, abbreviating words, and using the first letters of each word in a favorite phrase of yours.
- Do NOT share your password with others, especially your email password which is the critical link to resetting other passwords and sites.