Browse
Careers
 
 
 

Cyber Security Safety Series: Password Strength

Password Strength

Passwords have become a crucial component of nearly everything we do online. In our business and personal activities, passwords protect our sensitive information from hackers; but a password is only as strong as you make it.

According to an online security survey performed by Google, in partnership with Harris Poll, 52% of respondents reported that they reuse passwords across multiple accounts and 13% said that they use the same password for all of their accounts.

Weak passwords and password reuse present a serious security risk. Below, we offer some guidelines to follow to create a strong, unique passwords.

Password Construction Guidelines

Strong passwords have the following characteristics:

  • Contain both upper and lower case characters (e.g., a-z, A-Z)
  • Have digits and punctuation characters as well as letters (e.g., 0-9, !@#$%^&*()_+|~-=\`{}[]:";'<>?,./)
  • Are at least eight alphanumeric characters long
  • Are not a word in any language, slang, dialect, jargon, etc.
  • Are not based on personal information, names of family, etc.

Passwords should never be written down or stored online. Try to create passwords that can be easily remembered. One way to do this is to create a password based on a song title, affirmation, or other phrase. For example, the phrase might be “This might Be One Way To Remember,” and the password could be: “TmB1w2R!” or “TmB1W>R!” or some other variation. (Do not use either of these examples as passwords!)

Poor, weak passwords:

  • Contain less than eight characters
  • Can be found in a dictionary (English or foreign)
  • Are names of family, pets, friends, co-workers, fantasy characters, etc.
  • Are computer terms or names, commands, sites, companies, hardware, software
  • Use birthdays and other personal information such as addresses and phone numbers
  • Utilize word or number patterns like aaabbb, qwerty, zyxwvuts, 123321, etc.
  • Include any of the above spelled backwards
  • Include any of the above preceded or followed by a digit (e.g., secret1, 1secret)

This information should be used as a guideline and is not intended to replace the emergency preparedness advice of state or federal authorities.

< Return to the Cyber Security Safety Series

Share this:
 
 
 

 
© WestGUARD Insurance Company
CareersAffiliatesPrivacy PolicyOther Disclosures
A+ Superior