Passwords Blog Header

Aaaaaagggghhhhh!!!!

Hands up if trying to enter a password has ever made you scream like this? I’m presuming there are a lot of raised hands!

Passwords undoubtedly can be a real pain at times, and unfortunately, many people tend to be quite lazy when it comes to their creation. However, you really shouldn’t underestimate the importance of having strong, individual passwords for each site you use.

Weak passwords, such as ‘1234’, ‘password’ and ‘qwerty’, are always in the lists of the top 10 most used passwords each year. And, not only are people using weak passwords, they are also guilty of using the same weak password across multiple sites.

Just take a moment to think about that, we are forever reading about websites being hacked, so if you have the same password across all of the sites you use, it only takes for one of those sites to become compromised to make you incredibly vulnerable.

So, we need strong passwords, but we also need a way of remembering them. I’ve tried many different methods over the years, but the one that has worked best for me- and, importantly, is consistently proven to be a highly secure method- is to use the characters from a pass phrase.

Pass Phrase

A “pass phrase” for me, is essentially a memorable sentence. I use the letters, digits and punctuation marks of that sentence in order to construct my password. For example, the phrase/sentence: Integratech are SAP Business One specialists and were founded in Worcester in 2001, becomes: IaSAPBOs&wfiWi2001. Now, IaSAPBOs&wfiWi2001 may look difficult to remember written down, but if you type the characters as you say the sentence (probably best not to do this out loud!) then it eventually becomes very easy. Of course, if you actually used the entire phrase/sentence as your password, then that would be even more secure! (82 characters including spaces, 70 without.)

Have a try yourself; think of a sentence that is more personal to you, or your business. Perhaps you could base it on a team you support, or a TV programme or film you enjoy? However you do it, just make sure to include some special characters and numbers in the sentence. (I find & and ! the easiest to incorporate for myself).

For further ideas on how to create stronger passwords, take a look at this article: National Cyber Security Centre password guidance.

(All links on this page open in a new window)

Okay, we’ve created all of our complex passwords, we now just need a way of remembering them! Clearly, this becomes increasingly difficult as we try to remember a different complex password for each site that we need to access. Thankfully, help is at hand!

Password Managers

Password managers, such as LastPass and Kaspersky Password Manager, are becoming increasingly popular as they assist in generating, storing and retrieving complex passwords. Passwords are stored in an encrypted database that is held locally and is only accessible by you. You create one strong master password, then use the program to create individual passwords for all of the other sites you use. You don’t need to know these additional passwords, as the login is handled automatically by the program, once the master password has been input.

For more information on LastPass, check out this page: How it Works – LastPass They also have some good ideas on how to change your password: 5 Tips to Change Your Password.

If you don’t want to use a password manager then you would need to come up with a system whereby you could easily remember each strong password you create. This is touched upon in this blog by Kaspersky: Password Day – Kaspersky Password Blog.

Following the tips in this post will hopefully mean you can avoid those Aaaaaagggghhhhh!!!!, moments. Incidentally, Aaaaaagggghhhhh!!!! would take 4 centuries to brute force according to Kaspersky’s ‘Secure Password Check Site’: Kaspersky Password Checker. (Although it does contain widely used combinations and repeated characters, so may not be that good.)

If you would like to talk to us about password creation or IT security, please call 01905 758900, or email us via hello@integratech.co.uk.

Article by Mike Cooper, Marketing Executive.

Please note these are only guidelines. Integratech cannot accept any liability should your data be compromised using a password that complies with the above advice.