The door of your business likely has a strong secure lock with a unique key. You should protect your computer in a similar manner.

Some devious people use what is called a dictionary attack in which every word in the dictionary plus words commonly used as passwords are tried to attempt to access your system. Using a password that is made up of a unique string of characters provides useful protection.

Please be careful when using a website that asks you to enter a word in the event you forget your password. Don’t use obvious information as your answer. If you do it will be as though you use a high strength lock for a password then put your key under the doormat.

You may remember that Sarah Palin’s email was hacked into using public information such as her DOB, zip code and high school (Wasilla High). If everyone knows that you have 9 cats and you talk about them all the time, don’t use the question “What is my favorite animal” and simply list “cat” as the password reset question answer.

Also, please don’t give away private information such as your birthplace, mother’s maiden name or date of birth unless absolutely necessary. Some might misuse your information.

One solution is to develop a personal system: a formula that you use to create passwords which can in turn be used to remember passwords.

For Example:

  1. Choose a format such as tu+2 (skirt a ballerina might wear)
  2. Determine a method to enter a unique character(s) for each web site such as the first and last letter of the business. Facebook = Fk, Kohls = Ks, Dell = Dl.
  3. Determine the additional character to use such as the last digit of the year and the number of the quarter (2012, 1st quarter could be 21)
  4. Now put it together. Facebook is: tu+2Fk21
  5. Update your passwords quarterly. When you update to 2012, 2nd quarter the password would change to tu+2Fk22
  6. Change your password formula each calendar year to keep it fresh

Please don’t use this system verbatim. Create one that fits you and that only you know. No system is perfect. They are all a function of cost (password length, complexity, uniqueness, revision frequency) and benefit (the better the password, the more secure the system). Pick something that you feel is sufficiently secure.

FYI—Do’s and Don’ts: Basic Password Criteria:

  • Do use a password of eight digits or more (6 minimum)
  • Do update passwords periodically
  • Do avoid reusing previously used passwords
  • Do make sure passwords contain each of the following: lowercase letter, uppercase letter, special character (i.e. $ ^ + #), number
  • Don’t use a word or words from the dictionary in any language
  • Don’t use a commonly used password such as “P@ssw0rd”, “123456”, etc.
  • Don’t use a phrase or fact about you or your business (RangersFan, DancingMachine, etc.)
  • Don’t use private information (SSN, Date of birth, age, address, phone number, etc.)