Passwords: The Good and the Bad

In this era of increasingly sophisticated hackers, whose tampering has affected companies like Staples and Sony, it’s not hard to see why Internet security is taking the spotlight.


For most computer and device users, the first line of defense is a good password. The problem is, too few people know what goes into a good password. Weak passwords can put company information at risk for hacking, spamming and other issues.


So what distinguishes a good password from a bad one?


Bad passwords tend to be shorter than eight characters.
Good passwords – ones statistically shown to be less vulnerable to hackers – tend to be at least eight characters that include at least one uppercase letter and one numeral.


Bad passwords have versions of personal names in them – the name of the user or their spouse, child or dog – or other confidential information, such as street numbers or even PIN numbers.
Good passwords are a seemingly unconnected series of letters and numbers that have no tie to any personal information.


Bad passwords contain commonly hacked words, including “password” or “admin.” Easy-to-parse phrases, like “ilovedogs,” and common sequences of numbers like “123” are also targets.
Good passwords don’t use words that appear in a dictionary; they replace letters with numbers or symbols (for example, bOst*N instead of “boston”).


Bad passwords are identical to user/login names.
Good passwords are unique to the login.


Bad passwords never change and are used for all sites.
Good passwords are changed ideally every 90 days or at the least twice a year. Create unique passwords for your work computer, social media, email or any other application that requires login.


Talk to a knowledgeable partner about password management and other best practices to help keep your company’s information safe and secure.


tech assessment_1