Having a policy that encourages complex user passwords, along with a scheduled
requirement to change them, is one of the best security investments you
can make. However, passwords must be easy to remember so that users do not keep
them on a post-it note next to their monitor. So how can you help?
Suggest that your users select a standard "theme" for their
passwords. For example, places you have lived or cars you have owned.
Then add at least one non-alphanumeric character, such as !@#$%^&*,
and one number. Then, by changing the non-alphanumeric character OR the
number, you have a unique, secure password that can be changed and still
Another good trick is to take the same theme and substitute a number
or a non-alphanumeric character for a letter, and you have a strong, unique password.
The following examples can easily be updated 25 times by just changing
the number or the non-alphanumeric character.
C&mar0 … for Camaro
This cycle should get your users through the most aggressive "change
your password" requirements, keep your network secure, and remove
post-it notes from their monitors.
Five Tips for Secure, Complex Passwords
- Password cannot be based on or contain the user’s account name
- Must contain at least 8 letters
- Must contain characters from three of the following four categories:
  - Uppercase Alphabet (A-Z)
  - Lowercase Alphabet (a-z)
  - Arabic numerals (0-9)
  - Non-alphanumeric characters (!#$%&+=*)
- Mandatory password change every 90 days
- Passwords can’t be reused for 270 days
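The five rules above can be enforced mechanically when a user sets a new password. The following check is an added example, not part of the original article: the function names, the PBKDF2-based password history and the sample passwords are assumptions made for illustration, and "8 letters" is read as 8 characters.

```python
import hashlib, hmac, os
from datetime import datetime, timedelta

MIN_LENGTH = 8                       # "at least 8", read here as characters (assumption)
MAX_AGE = timedelta(days=90)         # mandatory change interval
REUSE_WINDOW = timedelta(days=270)   # measured from the date a password was set (assumption)

def _digest(password, salt):
    # Salted, slow hash so the history never stores plaintext passwords.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

def history_entry(password, set_on):
    """Record kept for each past password: (salt, digest, date it was set)."""
    salt = os.urandom(16)
    return (salt, _digest(password, salt), set_on)

def violations(password, account_name, history, now):
    """Return the list of policy rules that `password` breaks (empty = accepted)."""
    found = []
    if account_name and account_name.lower() in password.lower():
        found.append("contains account name")
    if len(password) < MIN_LENGTH:
        found.append("shorter than 8 characters")
    classes = [
        any(c.isupper() for c in password),      # A-Z
        any(c.islower() for c in password),      # a-z
        any(c.isdigit() for c in password),      # 0-9
        any(not c.isalnum() for c in password),  # !#$%&+=* and similar
    ]
    if sum(classes) < 3:
        found.append("fewer than 3 of 4 character categories")
    for salt, digest, set_on in history:
        recent = now - set_on < REUSE_WINDOW
        if recent and hmac.compare_digest(digest, _digest(password, salt)):
            found.append("reused within 270 days")
            break
    return found

def is_expired(last_changed, now):
    """True once the 90-day change interval has elapsed."""
    return now - last_changed >= MAX_AGE

if __name__ == "__main__":
    now = datetime(2024, 6, 1)  # constructed sample data below
    hist = [history_entry("Mustang#1967", now - timedelta(days=100)),
            history_entry("Mustang#1966", now - timedelta(days=300))]
    for pw in ("C&mar0", "jsmith2024!", "Mustang#1967", "Mustang#1966", "camaro99"):
        print(pw, violations(pw, "jsmith", hist, now))
```

Run against the article's own sample, `C&mar0` passes the category rule but is rejected for length, so a themed password still has to reach 8 characters before the substitutions count.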
Article courtesy of All Covered