Unfortunately, insecure passwords are not a thing of the past. As companies continue to grow, employees will use more and more applications that require a passcode. It’s time you enforce a new strategy to improve the security of your network.
A good password is no longer enough to keep baddies from infiltrating your systems. It’s time you start thinking about using a passphrase.
The best defense when thinking about a good passphrase is to know how passwords are hacked. An attacker will first go through a list of passwords which are commonly used, then they will try variations of those passwords. Most people will use their name, anniversary date, or even zip code as part of the passphrase. Guess what? That is way too easy to get hacked.
Here are some tips on how to create a passphrase you can remember but will still keep you secure.
[You might also like "5 Simple Tips for Online Security"]
1. Make it random
There are a few theories on how to make your passphrase random. Bruce Schneier, an internationally renowned security technologist, came up with the Schneier scheme which describes a method to come up with an easily remembered sentence and make it into a passphrase.
What you do is come up with something memorable such as “My youngest sister was born when I was seven.” Then turn it into a passphrase that is unrecognizable which includes symbols such as “MYswbWIW7!”. Another example is the phrase “Long time ago in a galaxy not far away at all” becomes Ltime@go-inag~faaa!. Obviously, do not use these examples for security reasons.
2. The longer the passphrase, the better
If you use only letters in a non-case sensitive password, an 8-character password has 2 billion possible combinations and would take the most powerful supercomputer or distributed attackers less than four minutes to crack.
The XKCD method illustrates using four random words to create a passphrase. Specifically, one that only you would understand. An example would be “PerfectHorseBatteryStaple.” Using a long passphrase like this is easier to remember than random symbols which makes it ideal.
[You might also like "Passwords are not Dead but Complex Ones are"]
3. More complicated than a Rubix cube
What’s great about a QWERTY keyboard is all the combinations especially when you mix lower and upper case characters. A great passphrase is unique to only the user. Keeping the network secure is the responsibility of the person using the machine. There are 96 possible characters on a keyboard that can be entered with or without using the SHIFT key.
Avoid using the same character consecutively because it compromises the complexity of the passphrase. Consider combining both the XKCD and Schneier methods to create a 12 character passphrase that is a serious nail-biter.
4. Fresh is best
Your company should have a policy to change passphrases regularly to keep your network secure. It is recommended that every 60 to 90 days employees should update their passwords. Although some security experts believe that it is better to have stringent requirements on length and password complexity rather than getting users to change passwords every three months.
5. Keep it a secret
Passphrases must never be shared. Not even with your IT support or supervisors. Employees should be trained to keep their passphrases a secret. Also, ensure they never write their passwords down and hide it underneath their keyboard or mouse mat.
There are several apps on the market which are great for saving passwords and are safe from hackers. While using multi-factor authentication is the best way to go, when you just don’t have that option, creating, using, and enforcing strong password practices can help with security. Use the guidelines above to help create a good password policy in your network, and to teach your users good password practices.
Though keeping passphrases complex, long, and a secret, it may not veer off all of the vulnerabilities within an organization. All of the machines connected to your network need to have their security updated regularly. GFI LanGuard takes an inventory of all of the devices on the system and distributes patches as necessary to keep them from being vulnerable from malware.
A strong passphrase is one defense from allowing hackers from infiltrating your systems, however, having a good security plan will make your network ironclad.
(This blog post originally appeared on TechTalk by GFI Software)