Security is more important than ever. With companies announcing data breaches in the millions of records, you need to protect your personal information and your business data from this risk. Great password management is one key component of a full security strategy.

At LuminFire, we have a way of describing the quality of a great password: “fantastically strong”. A fantastically strong password checks all of the boxes for increased security, thereby increasing the effort it takes a hacker to guess it. “Fantastically strong” passwords meet the following criteria:

  • 16 or more alpha characters (letters)
  • 2 or more numbers
  • 2 or more symbols
  • Uppercase letters
  • Lowercase letters
  • Extra credit — add a space, and have more than one word

This defines a password with appropriate length and keyspace. Keyspace is the most important factor in improving the quality of your password. When hackers attack your password with brute force, the first assumption they make is which keys on your keyboard you typed. How you approach the use of letters, numbers, and symbols is the defining detail for password success. Some websites put an upper limit on the length of the password you can use in their web application. In this case you may need to shorten the randomly generated password a bit. Let the company know you want to use a more secure password, or choose another company to do business with that better protects your data.

To step your password up a notch, use a pass-phrase. Make up a small poem or phrase as your password with at least three words, and don’t reuse words. Adding spaces and symbols to a sentence makes a fantastically strong password without much effort. For example: “your warm hands, your warmer smiles” is part of a poem about coffee; add some numbers and symbols – “y0r7 warm han6s, y0ur warm3r sm1l3s” – and you have an amazing password, just by replacing i’s with ones, o’s with zeros, and e’s with threes. It’s a lot stronger than something like “greatone99”.

Password length and complexity increase the strength of a password. This is known as entropy. Pass-phrases are very successful against brute force guessing attacks because their entropy is high enough that whoever is attempting to discover your password won’t have enough time or computer power to make those guessing attempts.
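As an added example (not LuminFire's own code), the Python below checks a password against the criteria listed above and estimates its brute-force entropy as length × log2(keyspace). The function names, the choice to score spaces under "extra credit" rather than as symbols, and the ASCII character-class sizes are assumptions made for this example.

```python
import math
import string

def check_criteria(pw: str) -> dict:
    """Evaluate a password against the article's "fantastically strong" list."""
    letters = sum(c.isalpha() for c in pw)
    digits = sum(c.isdigit() for c in pw)
    # Assumption: a space counts toward "extra credit", not toward symbols.
    symbols = sum(not c.isalnum() and not c.isspace() for c in pw)
    return {
        "16+ letters": letters >= 16,
        "2+ numbers": digits >= 2,
        "2+ symbols": symbols >= 2,
        "uppercase": any(c.isupper() for c in pw),
        "lowercase": any(c.islower() for c in pw),
        "extra credit: space and 2+ words": " " in pw and len(pw.split()) > 1,
    }

def failed(pw: str) -> list:
    """Names of the criteria the password does not meet."""
    return [name for name, ok in check_criteria(pw).items() if not ok]

def keyspace(pw: str) -> int:
    """Number of characters a brute-force search must try per position (ASCII)."""
    classes = [string.ascii_lowercase, string.ascii_uppercase,
               string.digits, string.punctuation, " "]
    return sum(len(cls) for cls in classes if any(c in cls for c in pw))

def brute_force_bits(pw: str) -> float:
    """Upper-bound entropy in bits: length * log2(keyspace).

    Exact only for randomly generated passwords; a phrase a person
    chose is easier to guess than this figure suggests.
    """
    size = keyspace(pw)
    return len(pw) * math.log2(size) if size else 0.0

if __name__ == "__main__":
    samples = [
        "greatone99",                               # weak example from the article
        "y0r7 warm han6s, y0ur warm3r sm1l3s",      # pass-phrase from the article
        "Your warm Hands, your warmer Smiles! 42",  # constructed for this example
    ]
    for pw in samples:
        print(f"{pw!r}: {brute_force_bits(pw):.0f} bits, "
              f"keyspace {keyspace(pw)}, unmet: {failed(pw) or 'none'}")
```

Run against the article's own pass-phrase, the checker reports which listed criteria are still unmet, which is a quick way to see what to add before storing the password in a vault.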

The best way to get a strong password is to use a password generator like 1Password.

How will you remember a strong password? The answer: You shouldn’t! You should, however, use a password vault to store it. Password vaults make it possible to store many long, complex passwords and to use them easily. You unlock your password vault with a master password, select the stored password you want to use, and copy and paste it into your password field.

A password vault is the key tool in any security platform at any level. Any individual who uses the internet regularly can amass hundreds of passwords if following unique password practices. Password vaults allow users to have unique passwords for every single site.

Password age is an important factor in security due to data breaches. Passwords that have been leaked due to a data breach can be used very quickly by hackers. Users who are forced to change their passwords too frequently typically choose less secure passwords. Using a quality password vault can help find these leaked passwords and aid in the process of closing these gaps in your business or personal life.

Using single-use passwords where every password is different is one of the best ways to stay secure with technology, and using a password vault like 1Password makes this process pleasant and powerful.

https://youtu.be/mcly2-b1W20

LuminFire is a digital agency that creates custom apps and websites and specializes in security. We can assist you with PCI, HIPAA, FERPA, GDPR, and other compliance requirements for WordPress websites and FileMaker, as well as greatly lower the risk of being hacked and losing business due to malicious attacks on your company information. Contact us to help with implementing a security strategy for your organization.