A password is a powerful authentication tool that helps ensure only appropriate users have access to sensitive data and administrative rights. It acts as a key to such things, but not all passwords are created equal. It is important to prevent a password from falling into the wrong hands and to keep the access it grants yours alone. To decrease the likelihood of a password being compromised, it is recommended to:
• Make your password as long as possible. There is no perfect length; however, the longer the password is, the more resistant it will be to a brute force attack. Six to fourteen characters is typically satisfactory.
• Use as many different characters as possible, including numbers and/or symbols.
• Avoid using personal information or anything likely to be deciphered with minimal research or knowledge about you.
• Avoid using words or geographical or biographical names that can be found in standard dictionaries of any language.
• Consider using both upper and lower case characters intermittently within a password.
• Periodically change your password to protect against compromises. There is no perfect amount of time to retain a password, but the longer a password exists, the greater the risk that it will be uncovered.
A good strategy for developing memorable yet complex passwords is to use the acronym of a particular phrase, preferably one involving numbers, and names to supply capitalized letters. For example, "Lex Luthor took forty cakes and that is terrible" would translate to the complex password "LLt40catit", which comes with a personalized mnemonic device for remembering it.
Another tactic for developing a good password is to intentionally misspell or break words up with symbols, for example "braekfast17" or "49Ele%phants".
Avoid writing passwords down if possible, and avoid sharing them with anyone. A good password will be random to anyone other than you.
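The recommendations above expressed as a small checker, as an added example that is not part of the original page. The function name, the sample word list, the caller-supplied personal terms and the four-letter threshold for dictionary matching are assumptions made for illustration.

```python
import re

# Constructed sample word list; a real check would load full dictionaries
# in every language the users are likely to draw words from.
SAMPLE_DICTIONARY = {"breakfast", "elephants", "password", "london", "terrible"}
MIN_LENGTH = 6  # lower end of the "six to fourteen characters" guideline


def check_password(password, personal_terms=(), dictionary=SAMPLE_DICTIONARY):
    """Return a list of checklist findings; an empty list means none apply."""
    findings = []

    if len(password) < MIN_LENGTH:
        findings.append(f"shorter than {MIN_LENGTH} characters")

    # "Numbers and/or symbols": at least one non-letter character.
    if not any(not c.isalpha() for c in password):
        findings.append("no numbers or symbols")

    # Both upper and lower case letters present.
    if not (any(c.isupper() for c in password) and any(c.islower() for c in password)):
        findings.append("no mix of upper and lower case")

    # Dictionary words: test each unbroken run of four or more letters
    # (the four-letter threshold is an assumption of this example).
    for run in re.findall(r"[A-Za-z]{4,}", password):
        if run.lower() in dictionary:
            findings.append(f"contains dictionary word '{run.lower()}'")

    # Personal information supplied by the caller (name, birth year, pet...).
    lowered = password.lower()
    for term in personal_terms:
        if term and term.lower() in lowered:
            findings.append(f"contains personal term '{term}'")

    return findings


if __name__ == "__main__":
    # The page's own example passwords plus one correctly spelled variant.
    for candidate in ("LLt40catit", "braekfast17", "breakfast17", "49Ele%phants"):
        print(candidate, "->", check_password(candidate) or "no findings")
```
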