The U.S. Computer Emergency Readiness Team advises that if people do not choose good passwords and keep them confidential, it is almost as ineffective as not having any passwords at all. US-CERT offers the following tips for choosing strong passwords.
- Don’t pick a pin with a combination of easy to find information (such as birthday, phone number, address).
- Don’t chose a common word that is found in the dictionary since it may be susceptible to dictionary attacks which guess passwords based on common words or phrases.
- Intentionally misspell words in the password.
- Use memory techniques, or mnemonics, to help remember and decode passwords (such as using the first letter of each word in a sentence that you can remember.
- Use a combination of uppercase and lowercase letters, along with numbers and special characters
- Longer passwords are more secure than shorter ones.
- Use different passwords on different systems and accounts.
- Consider a password manager program to keep track of passwords.
- Don’t save passwords for online sessions.
- Log out when you are on a public computer.
Following good password protocol is an important step to keeping online data safe.