By Bruce Sussman
Tue | Oct 2, 2018 | 7:01 AM PDT

If you're wondering how to create a strong password that is also easy to remember, we have some password tips for you.

The ideas for tough to guess—and easy to remember—passwords are either rattling around in your brain or somewhere around you right now.

That's because the most recent cybersecurity guidance on making a strong password says a long phrase you might say or be familiar with makes a more secure password than a bunch of random or mixed up characters like p@$$w0Rd!.

Ask yourself this question: Is there a phrase you say on a regular basis to your friends or family? One you can picture in your mind? Here are a few examples from my life right now:

"HasAnyoneCheckedontheCatsortheRabbitToday?!?" This is a phrase I often say to the kids when I come home from work and all the animals are out of food. (By the way, the answer usually is no.)

Or here is some inspiration from a concert our SecureWorld team went to after our recent cybersecurity conference in St. Louis:

[Image: Taylor Swift concert ticket stub]

What this ticket on my desk says could become a password phrase for me: "!TaylorSwiftReputationStadiumTour2018!"

NIST, the National Institute of Standards and Technology, issued new password guidelines in 2017, and says you should stay away from song lyrics or popular movie lines by themselves, but you could make it part of a phrase: "MyfavoriteMovieLineiswhenClintsaysMakeMyDay@!"

Notice in all of these examples, I've used upper and lower case and some sort of special character or characters. Anything you can add to the passphrase makes it stronger.

How long can a password be? Well, it depends. US-CERT, which tracks and issues alerts about cyber vulnerabilities, says most networks require passwords to be 8-64 characters in length. None of the phrases above are more than 50.

How to remember your passwords

When it comes to remembering your passwords, some of them will be easier for you to remember, and harder for hackers to guess with their automated computer systems, if you go with a passphrase you can picture in your mind.

However, check out the third part of this graphic on safe passwords from NIST:

[Image: NIST graphic of password tips]

It is crucial to make each of your passwords different because hackers automate the process of taking a stolen username and password and running it against other sites you might also log into. 

This includes running them against banking sites, shopping sites, and social media sites—things you do not want hackers to have access to.

How in the world is it possible to keep every password different in this day and age?

Most cybersecurity experts suggest using a password manager app or program. 

Our team can vouch for using Keeper, and the one our traveling team hears about most often among cybersecurity professionals is LastPass.

We hope this helps you stay cyber safe at home, on the road, and at the office because these areas of your life are often linked when it comes to usernames and passwords.

NOTE: This article was first published in October as part of National Cyber Security Awareness Month (NCSAM). NCSAM is a collaborative effort between DHS and its public and private partners—including the National Cyber Security Alliance (NCSA)—to raise awareness about the vital role cybersecurity plays in the lives of U.S. citizens. For more tips and resources, visit https://staysafeonline.org/ncsam/.
