Michael Kahn

Business Solutions Group has been serving the Mt. Prospect area since 2009, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

Tip of the Week: How to Make Your Credentials More Memorable

Tip of the Week: How to Make Your Credentials More Memorable

Let’s face facts: as critical to your security as they are, passwords are kind of the worst. Of course, since they are so critical, you need to make sure all of the ones you use are as secure as possible, so we’ve assembled some practices that may help you tip the scales in your favor. Spoiler alert: the conventional password may not be your first choice for much longer.

What Not to Do

There’s a tricky balance to strike when devising a password. On the one hand, you want it to be sufficiently secure, but on the other, you don’t want to make it too difficult to get back in for yourself, either.

This is probably the reason that so many password rules and best practices are broken and ignored: user convenience.

Let’s take a look at the top 15 results of some data compiled by the United Kingdom’s National Cyber Security Centre with the help of the security website Have I Been Pwned, regarding the most commonly breached passwords:

  1. 123456 
  2. 123456789 
  3. qwerty 
  4. password
  5. 1111111 
  6. 12345678 
  7. abc123 
  8. 1234567 
  9. Password1
  10. 12345 
  11. 1234567890
  12. 123123 
  13. 000000 
  14. Iloveyou
  15. 1234

Just glancing over this list, you can very easily see how a few of the simplest password quality rules are broken - common words, common number strands, and hardly any mix of alphanumeric characters.

It is probably also a safe bet that a person who would use a password like this would also be the person to repeat their password across accounts. This means that if one of their accounts were breached, they all would be rendered insecure. 

Of course, now that we’ve clearly outlined the problem, we have a proposed strategy to help fix it.

Using a Truly Random Passphrase

One way that you can improve upon password security is known as the passphrase. Instead of using random characters, random words are used, helping to make it both more complicated and easier to remember.

The web comic xkcd does a good job of explaining it:

However, this opens us up to new issues - like the very human instinct to stick to a pattern of some sort. Good for survival, not so great when you’re looking for true randomness.

This is why an IT professional named Arnold Reinhold developed a new method of generating a passphrase, called Diceware.

Taking a die, roll it five times, taking note of the numbers you’ve rolled. Whatever the 5-digit number you produced was, find it on the official Diceware word list. That is now the first word of your passphrase. Repeat this process until you have six or seven words in your passphrase. This helps eliminate human bias from the selection process, making this process about as random as possible.

Demonstrating Diceware in Action

Rolling a die, I came up with 45656. Diceware says that’s “pleat.”

My next roll came up 13211. “Bach.”

34663, making the next word “Julie.”

32135 means the next word is “gulp.”

32565, for a final word “choice” of “Hera.” 

So, my new passphrase is “pleatBachJuliegulpHera.” Gibberish, yet still far more memorable than the alternative system.

Remembering All These Passphrases

So, with the “random” part of our concerns addressed, there is still the concern that remembering so many different passphrases may be a bit much to ask. This is why we recommend that you combine your use of passphrases with the use of a password manager.

These handy programs secure all of your passwords (or passphrases) in a secure vault, ready for you to access with a single, master password (or passphrase). As a result, as long as you can remember one passphrase, you can use the password manager to handle the rest of your accounts.

For help in implementing all of this (or with any other assistance with your business’ information technology) give Business Solutions Group a call at 866.546.1004. What other tips would you like us to cover? Let us know in the comments, and subscribe so you don’t miss it!

 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Tuesday, 25 February 2020
If you'd like to register, please fill in the username, password and name fields.

Captcha Image

Newsletter Sign Up

  • First Name *
  • Last Name *

      Mobile? Grab this Article!

      QR-Code dieser Seite

      Recent Comments

      Is Your Business Backed Up and Secure?
      22 February 2020
      After the declaration of the result, a selection list is released at NVS official website. It is rel...
      Tip of the Week: Improving Your Organization Throughout the New Year
      15 February 2020
      Navodaya Vidyalaya Samiti (NVS) is going to release the JNVST School Wise Waiting List 2020 very so...
      BYOD Is a Must for Today’s Businesses
      11 February 2020
      TN ECS status: Tamil Nadu government has launched a TN ECS online portal for the citizens especially...
      BYOD Is a Must for Today’s Businesses
      04 February 2020
      The best algorithm for unlocking a pdf files is for the following website es.altounlockpdf.com. I ha...
      IT Can Have Fun, Too
      28 January 2020
      Jawahar Navodaya Vidyalaya Result 2020 – Navodaya Vidyalaya Samiti (NVS) will declare Navodaya Andam...

      Upcoming Events

      No events