This may not be a question you ask yourself very often, but you should. Passwords are the gatekeepers to the library of your life on the internet. They keep prying eyes away from your bank accounts, email, social media, etc.
Most people think of password security as something reserved for a corporate computer user. However, even with corporate password management policies provided by IT staff, we find that most users will either set a password that is far too simple, write it down, or store it somewhere that is usually not very clever, like a notebook full of passwords, a sticky note under a keyboard, or a Word document on their desktop.
The most BASIC security requirement for most passwords across the internet is a minimum of eight characters, which often must include four different character sets: a lower-case letter, an upper-case letter, one number, and 2 symbols. Most people who have worked in the corporate world are very familiar with this concept.
What if I told you that is not enough? With today’s computing power, depending on the complexity of the eight characters, it can take anywhere from less than a second to a few hours to crack an eight-character password.
For comparison, an attacker using a straightforward brute-force attack would take 2 seconds to crack the password “letitbe”, as opposed to 24 hours to crack the password “L3t1tb3!”.
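To make the comparison concrete, the following added example (not part of the original article) checks a password against the baseline described above and counts the candidates a straightforward brute-force search has to cover. The 94-character printable ASCII alphabet, the function names and the sample password "Tr3e!#ab" are assumptions for illustration, and the guess rate is a parameter you supply.

```python
import string

# Assumed alphabet: the 94 printable ASCII characters, split into four classes.
CLASSES = {
    "lower": string.ascii_lowercase,
    "upper": string.ascii_uppercase,
    "digit": string.digits,
    "symbol": string.punctuation,
}

def classes_used(password):
    """Return the names of the character classes present in the password."""
    used = set()
    for ch in password:
        name = next((n for n, chars in CLASSES.items() if ch in chars), None)
        if name is None:
            raise ValueError(f"character {ch!r} is outside the assumed alphabet")
        used.add(name)
    return used

def meets_baseline(password):
    """Baseline from the article: 8+ characters, lower, upper, a number, 2 symbols."""
    symbols = sum(ch in string.punctuation for ch in password)
    return (len(password) >= 8 and symbols >= 2
            and {"lower", "upper", "digit"} <= classes_used(password))

def search_space(password):
    """Candidates of this exact length over the classes the password draws on."""
    alphabet = sum(len(CLASSES[name]) for name in classes_used(password))
    return alphabet ** len(password)

def worst_case_seconds(password, guesses_per_second):
    """Time to try every candidate at the given (assumed) guess rate."""
    return search_space(password) / guesses_per_second

if __name__ == "__main__":
    # "Tr3e!#ab" is a constructed sample that satisfies the baseline.
    for pw in ("letitbe", "L3t1tb3!", "Tr3e!#ab"):
        print(f"{pw!r}: baseline={meets_baseline(pw)} "
              f"classes={sorted(classes_used(pw))} candidates={search_space(pw):,}")
```

Meeting the baseline does not enlarge the search space beyond that of any other eight-character password drawn from the same four classes; each extra character multiplies it by the alphabet size.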
How do we combat this and still be able to remember our passwords? There are a few basic rules for creating passwords and some tools that can make your life easier. First, let’s go over some rules.
Now that you’ve decided to create UNIQUE passwords for each site you log into, what tools are there that can help you remember them all? I encourage you to investigate the use of a password storage application. There are several open-source and paid options (e.g. KeePass or LastPass).
Also, when possible, always use two-factor authentication. Two-factor authentication requires not only your username and password to access websites but also another code, often in the form of a text message sent to your smartphone.
As always, Movaci is here to help. If you have any questions or need some advice on password tools and tips, feel free to email us at [email protected]