Additionally, if you are a security awareness manager, consider adding these tricks to your password policies to ensure all employees have strong passwords.
The most common excuse for not having a strong password is that strong passwords are hard to remember. We get it, but there are strategies you can use to create memorable and hard-to-guess passwords. One of these is using “passphrases”. A passphrase is a password made up of a string of words. The key to this strategy is using a random string of words, not words that are personal to you.
Think: LampRoseTeardropCar
Not: CharlieConnorSarah (Your kids’ names)
Maybe these words mean something to you that no one else would know. For example, you may list the different magnets on your fridge. Or list the top-selling item at each retail job you had in high school. If you need extra help making it memorable, consider taking a phrase and only highlighting certain words. For example, if you’re using a fun fact you remember:
Think: GiraffesThirtyLightningPeople
Not: Giraffesarethirtytimeslikelytobehitbylightningthanpeople
This strategy can help you remember your password better – but remember it should be unique and somewhat random.
Using acronyms is another great way to remember your password without compromising strength. Acronyms allow you to create your own string of “random” numbers and letters out of something that you’ll always be able to recall. It’s easy: take a lyric from your favourite song and use only the first letter of each word to create a long password.
Lyric: Sing us a song, you’re the piano man. Sing us a song tonight. Well, we’re all in the mood for a melody and you’ve got us feeling alright.
Password: Suasytpmsuastwwaitmfamaygufa.
If you use a passphrase or pass-acronym, select purposeful spelling errors as your own code to make the password even stronger. You can choose certain letters to replace with numbers, for example, using 3 in place of any E’s in your password. Or, you could use special characters in place of letters, for example, replacing all your N’s with &’s. Using this trick doesn’t mean you can go back to using your dog’s name for your password, but it’s an additional tool to use alongside your passphrase.
This: GiraffesThirtyLightningPeople
Becomes: Giraff3sThirtyLight&i&gP3ople
A password technique commonly used by software developers is camel case. Camel case means choosing a pattern for placing capital letters within your password or passphrase. Some may add capitals at the beginning of every word in a passphrase, but to make your password even harder to guess, create a pattern that only you know. For example, every third letter is capitalized.
This: LampRoseTeardropCar
Becomes: laMprOseTeaRdrOpcAr
Spaces are an extremely simple but powerful way to enhance your passwords. Many people forget, but spaces are sometimes considered special characters. Adding a “ ” in your password is just as helpful as adding a “&”, but can be so much easier for you to remember. Try taking your typical password and adding spaces between each word. Even better, use the camel case strategy and create your own pattern for spaces, like a space after every 5 characters.
This: GiraffesThirtyLightningPeople
Becomes: Giraffes Thirty Lightning People
Even Better: Giraf fesTh irtyL ightn ingPe ople
If the program you are using doesn’t allow spaces in passwords, other special characters work just as well. Instead of using a space between every word, you could use a /.
This: GiraffesThirtyLightningPeople
Becomes: Giraffes/Thirty/Lightning/People
Even Better: Giraf/fesTh/irtyL/ightn/ingPe/ople
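For a security awareness manager turning these tips into a policy check, the added example below (not code from the original article) undoes the capital-letter, separator and substitution tricks before comparing a password against a list of personal words, so a disguised kid's or dog's name is still rejected. The function names, the 16-character minimum and the sample term list are assumptions made for illustration.

```python
import re

# The article's two substitutions (3 for E, & for N), reversed for comparison.
UNDO_SUBSTITUTIONS = str.maketrans({"3": "e", "&": "n"})
# Separators used in the article's examples: a space or "/".
SEPARATORS = re.compile(r"[ /]")


def normalize(text: str) -> str:
    """Strip separators, capital-letter patterns and letter substitutions."""
    return SEPARATORS.sub("", text).lower().translate(UNDO_SUBSTITUTIONS)


def personal_terms_in(password: str, personal_terms: list[str]) -> list[str]:
    """Return the personal terms still present once the tricks are undone."""
    core = normalize(password)
    # Terms under 3 characters are skipped: they would match almost anything.
    return [t for t in personal_terms if len(t) >= 3 and normalize(t) in core]


def check(password: str, personal_terms: list[str], min_length: int = 16) -> list[str]:
    """Return a list of policy problems; an empty list means the password passes.

    min_length is an assumed policy value, not a figure from the article.
    """
    problems = []
    if len(password) < min_length:
        problems.append(f"shorter than {min_length} characters")
    hits = personal_terms_in(password, personal_terms)
    if hits:
        problems.append("contains personal terms: " + ", ".join(hits))
    return problems


if __name__ == "__main__":
    # Constructed sample data: the kids' names from the article's "Not" example.
    terms = ["Charlie", "Connor", "Sarah"]
    for candidate in ("Charli3 Co&&or Sarah",
                      "chArlIecOnnOrsArAh",
                      "Giraff3sThirtyLight&i&gP3ople"):
        print(repr(candidate), "->", check(candidate, terms) or "ok")
```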
If you continue to fall back on the same excuse of not being able to remember anything besides your kids’ or dog’s name, then there is still a trick for you. Create your own keyboard code to transform a very weak password into a stronger password. For example, decide that when you type out your typical password, each letter will be replaced by the key above it on the keyboard. This makes a “random” password out of the password that you can remember.
This: CharlieConnorSarah
Becomes: Dyq4o83D9hh94Wq4qy
Then, use some of our other tricks like camel case patterns, spaces, or special characters to increase the strength of your password even more.
Even with all of these tips, remember to never use the same password more than once and to update your passwords regularly. A common practice for cyber criminals after breaches is to try the usernames and passwords on different platforms. So, if your Netflix password is the same as your banking password and Netflix was breached, it won’t take long for the scammer to hack into your finances.
We know that in this day and age, people have way too many accounts to remember every password. That’s why the best practice is to have a password manager. It allows you to have extremely hard-to-guess passwords for every account you have. All you need is a strong master password that you can create and remember using these tips.
By implementing these strategies, you are strengthening the first layer of protection for all of your personal and professional accounts. Even if it seems like these new practices will take away a few seconds of your day, know that it will be worth it in the long run. Encourage your friends, family members, and employees to do the same to create a safer cyber environment. Stay secure!