November 22, 2014

Mission-centered Web Strategies

Password practices

We all like to have passwords we can remember. This leads to picking easy passwords, like our dog’s name or our high school mascot. A password that is easy to remember, however, is usually also easy to crack. This is why many sites require a password of at least 8 characters with a mix of numerals and both upper case and lower case letters.

Some sites have even further restrictions: no recognizable words, required special characters, or a certain strength threshold that the password has to meet. The point of all this is simple: Passwords should be nonsensical, made up of a variety of characters, and reasonably long.

This rule applies to e-mail accounts, and it definitely applies to any accounts you use to access your Web site. If your password is easy to guess, then a person with destructive intentions can get into your site and do anything you can do … and often more. Why more? People wanting to hack Web sites often need only minimal access – a foot in the door so to speak – to do serious damage.

Good passwords have the following characteristics, and you should choose passwords that have them:

  • They are longer (8-12 characters) rather than shorter.
  • They contain no recognizable words.
  • They have a mix of upper case and lower case letters as well as numerals, and where permitted, special characters like “(” or “%”.
  • They are unique for each application.
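
For readers comfortable with a little scripting, here is one way to check a password against the four characteristics above and to generate one that meets them. This is an added example, not part of the original post; the function names, the short word list, and the set of special characters are assumptions made for illustration.

```python
import secrets
import string

# Constructed sample word list; a real check would load a full dictionary file.
SAMPLE_WORDS = {"password", "dragon", "tigers", "rover", "letmein", "welcome"}
# Assumed set of permitted special characters; sites differ on what they allow.
SPECIALS = "(%!#$&*+-=?@"


def check_password(password, used_elsewhere=(), words=SAMPLE_WORDS, min_length=8):
    """Return the list of characteristics from the post that the password fails."""
    problems = []
    if len(password) < min_length:
        problems.append("too short")
    lowered = password.lower()
    if any(word in lowered for word in words):
        problems.append("contains a recognizable word")
    if not any(c.islower() for c in password):
        problems.append("no lower case letter")
    if not any(c.isupper() for c in password):
        problems.append("no upper case letter")
    if not any(c.isdigit() for c in password):
        problems.append("no numeral")
    if password in used_elsewhere:
        problems.append("already used for another application")
    return problems


def generate_password(length=12, allow_special=True, used_elsewhere=()):
    """Draw random characters (secrets module) until every check passes."""
    if length < 8:
        raise ValueError("length must be at least 8")
    alphabet = string.ascii_letters + string.digits
    if allow_special:
        alphabet += SPECIALS
    while True:
        candidate = "".join(secrets.choice(alphabet) for _ in range(length))
        if check_password(candidate, used_elsewhere):
            continue  # failed a characteristic, draw again
        if allow_special and not any(c in SPECIALS for c in candidate):
            continue  # special characters are permitted, so require one
        return candidate


if __name__ == "__main__":
    print(check_password("Tigers1998"))  # a mascot plus a year
    print(generate_password())
```

Passwords generated this way are nonsensical by design, so keep them in a password manager rather than trying to memorize one per application.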