Creating strong, complex passwords that are difficult for attackers to crack is one outstanding way we can bolster our cybersecurity. Even merely hashed, alpha-numeric passwords aren’t enough these days to keep highly motivated cybercriminals at bay. So, what’s the best advice on creating and maintaining passwords that can weather hacks and exploits that seek access to sensitive data by cracking passwords? Cornell University IT Services gives the following recommendations for their own NetID identity management on creating stronger passwords:
- Passwords should be 8-20 characters long.
- They should not contain your name, dictionary words, or simplistic patterns.
- They must include three of the following: uppercase letters, numbers, and special characters (!, @, #, $, etc.).
- Avoid repeated characters, like BBB or 888.
- Do not use common sequences like ABC or 123.
Strong Password Examples
One password example given by Cornell IT is H*P@p7mZ%. They accompany this example with the side-note that it should be a complex sequence, but one you can ultimately memorize (if you have the wherewithal), as difficult as it may seem at first. They remind us that quite often, the only thing standing between our exploitable data and a cybercriminal is a well-encrypted, complex password. A tutorial video on the Cornell.edu website illustrates how one can take a phrase like “Jack and Jill went up the hill” and create a hard-to-guess password by taking the first letter of each word in the phrase – j-a-j-w-u-t-h – and then replacing three of the letters with, respectively, an upper-case letter, a number, and a special character, a la: jAjw@2h.
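The recommendations listed above can be checked mechanically. The following is an added example, not code from Cornell or from this article's author. It assumes that "three of the following" means all three listed character classes, that a run of three characters counts as "repeated" or as a "sequence", that special characters are ASCII punctuation, and that the caller supplies the names and dictionary words to reject; the function name and rule labels are hypothetical.

```python
import string

# Assumption: "special characters" means ASCII punctuation.
SPECIALS = set(string.punctuation)


def check_password(password, banned_terms=()):
    """Return the list of violated rules; an empty list means it passes."""
    problems = []

    # Rule: 8-20 characters long.
    if not 8 <= len(password) <= 20:
        problems.append("length")

    # Rule: no name or dictionary words (caller-supplied, case-insensitive).
    lowered = password.lower()
    if any(term and term.lower() in lowered for term in banned_terms):
        problems.append("banned_term")

    # Rule: uppercase letters, numbers and special characters must all appear.
    has_upper = any(c.isupper() for c in password)
    has_digit = any(c.isdigit() for c in password)
    has_special = any(c in SPECIALS for c in password)
    if not (has_upper and has_digit and has_special):
        problems.append("character_classes")

    # Slide a three-character window over the password.
    trios = [lowered[i:i + 3] for i in range(len(lowered) - 2)]

    # Rule: no repeated characters such as BBB or 888.
    if any(t[0] == t[1] == t[2] for t in trios):
        problems.append("repeat")

    # Rule: no common sequences such as ABC or 123 (ascending runs only).
    if any(t in string.ascii_lowercase or t in string.digits for t in trios):
        problems.append("sequence")

    return problems


if __name__ == "__main__":
    # The two sample passwords quoted in this article, plus a constructed bad one.
    for pw, banned in [("H*P@p7mZ%", []), ("jAjw@2h", []), ("Jill888abc!", ["jill"])]:
        print(pw, check_password(pw, banned))
```

Run against the two samples quoted above, H*P@p7mZ% passes every check, while the seven-character jAjw@2h is reported as failing the length rule only.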
Most authorities on cybersecurity also advise against writing passwords down anywhere conspicuous or sharing them with anyone. If you do write one down, make sure it’s kept in a place where no one can find it, like, say, on a post-it note tucked inside a purse pocket or wallet – someplace on your person, not in your desk or stuck to your monitor. And, as hard as it may be to do this, Cornell IT Services advises having a separate “Jack and Jill” encoded phrase for each log-in you use throughout your day.
The More Complex the Better
The Cornell “Set Strong Passwords” page goes on to show how you can maintain deeper complexity and stronger security with passwords, suggesting that we can even invent a coded language for our passwords, a la cryptograms or ciphers. For example, you can replace every letter in the alphabet with a symbol, and you can blend such encoding with highly personalized remembrances, such as “John M. graduated in 2003,” which would then become something like “3o7n # g*adU@&eD i= 2!!3”.
Call a Password Security Expert
If you have further questions regarding creating better passwords and cybersecurity, Apex is the leader in providing IT services in Central and Northern California. Contact one of our expert IT staff at (800) 310-2739 or send us an email at email@example.com today, and we will help you with any of your questions, concerns, and needs.