Passwords are important; they are our keys to need-to-know information when others don’t need to know. The best security precaution is to not have information that others shouldn’t know. If you could store a reference number instead of sensitive information like medical records then you’ve taken the best possible precaution to keep their information private. Strongly consider reference numbers; ask yourself why am I risking someone else's lively hood and my own by sharing something that didn’t need to be. People are often fined or forced to serve time for not doing their due diligence to keep information secure.
Pin: Typically a short number only password.
Password: A group of characters that when entered grant access.
Passphrase: A password of more than one word.
Password Generator: An application used to randomly create a password. Password generators are not truly random but are very close; consider using one.
Public Domain: Information accessible from/to anyone.
Sensitive Information: Data that is controlled. Examples: Medical records, financial information, or proprietary information.
Need-to-know: Sharing information with those who need to know and no one else.
Characters: The basic keys on your keyboard they could be letters, numbers or symbols.
Passwords can be compromised by taking guesses. There is plenty of information accessible to everyone that helps in that guess work. You may feel your password is unique at the time this article was written there was 7,299,296,211 (http://www.census.gov/popclock/) people estimated to be living; if you include past generations then there are many more of whom may have used the same password. Do your best to use a password that is as unique as possible or get some help from a password generator.
The strength of a password is based different factors. The simplified formula for password complexity is:
[Password Length] * [Character Range]
Password Length: The total number of characters. Character Range: The range of characters you use for your password can greatly increase the complexity of your passwords and that is good. Sometimes capitalize and use numbers/letters/symbols to make someone guessing more likely to fail.
Believe it or not a password can be heard. Sensitive equipment can listen to the differences between key strokes to find patterns like word lengths in a password phrase. Computers can analyze the sounds to determine likely word usages not only based on that one recording but of the aggregation of past recordings. Entities with mediocre funding are capable of greatly increasing the likely hood of guessing the right password by including audio analyses into their guessing formulas. Although many recommend using passphrase instead of passwords we find those audio patterns greatly reduce the amount of guesses needed to compromise your password. Using copy-and-paste features can eliminate this potential vulnerability. Just don’t forget that sometimes hitting paste again can completely reveal your password if done in the wrong place.
Passwords can be seen as they are entered on your keyboard. Cameras can record and people can watch. People have been known to get pin numbers by looking at the way a person enters the information. Help keep your password secure by entering it quickly or covering up what you can as you enter it. You keep your pin covered when you enter debit information and that’s only associated with your finances; other passwords could be associated with your livelihood and the livelihood of others like medical records and other confidential bits of information. Using copy-and-paste features can eliminate this potential vulnerability. Just don’t forget that sometimes hitting paste again can completely reveal your password if done in the wrong place.
Many entities have access to information that helps them guess the most frequently used passwords first. Used in conjunction with audible, visual and background information you would be surprised how easy a password can be to guess.
Security questions are vulnerabilities. Sometimes answers to security questions are really easy to find like in the about me page of your Facebook account. If a website requires you to pick security questions and answer them remember that the answers don’t have to be correct. Consider using a password generator for security questions and keep that password just as secure if not more secure than the password you use for access.
The strength of your password should be proportional to how badly you want to keep the information private. If the worst thing you’ll lose is your name and birthdate then you could consider an easier password for that type of website. If the information could lead to prison time then consider how badly you want to stay out and put in the right amount of effort required to accomplish that goal.
Consider matching your password strength to the type of information stored. If you have credentials (username/password) for Amazon, Ali Baba and Walmart think about what data you have stored that you want to keep secure and don’t regret using the same password for matching pieces of sensitive information. That is to say: If they all have the same credit/debit information and personal information then if one store is compromised then have no concern for the other websites because you’ve already lost the sensitive information.
If you know that others accessing that website wouldn’t jeopardize your way of life then use an easy to remember password and use that same password for any other website you don’t mind being in public domain (information shared with anyone). Some passwords should be complicated and other passwords can be fun and easy. Don’t forget about information in the settings like credit/debit card information for recurring payments and personal information you entered during registration because it could certainly be reason enough to use a more complex password.
Keychains don’t have to be light but the heaver the keychain and the louder the jingle the more likely people will want to see what you have available.
There are applications that can store password information for you. Don’t trust them; store as little information in those types of applications as possible and spend many hours researching and validating the applications integrity. What may be considered safe today might be tomorrows news and not doing your homework doesn’t keep you out of trouble. Keep other people's information more secure then your own because if you don’t secure their information you could be liable. If you have trouble remembering your passwords then write them down and store them in a secure place like in a bank lock box, vault, or password keychain type application. Sometimes password recovery features are better then putting all of your keys in one place especially if people know where to look.