This last digital decade has been filled with a fantastic amount of innovation and explosive growth in personal digital services. So many services exist, both personal and required for your job: email, Facebook, Twitter, VPN, AD, LAN, WiFi, intranet, extranet, voicemail, line-of-business apps... you get the idea. If you’re like most people, you’ve standardized on one or two passwords that you rotate through, if possible, and that have stayed basically the same for the last couple of years.
I had a conversation with Mike Fitzpatrick, CEO of NCXgroup, an information security risk management firm, who mentioned that with their rainbow tables they crack 98% of all passwords they run into, and in most cases when they do a security audit of a company they get 100% of all the passwords.
According to Mike, “…even ‘password’ is a good password if it looks like this: P@$W0rd. 7-character passwords tend to be better than 6 or even 8 characters because the hash algorithm tools are looking first at even number character passwords. Change them every 90 days whether the system requires you to or not, and don’t reuse a password for 12 months.” Thanks for the insight, Mike. It seems so basic, yet this just became a priority task for me.
As you manage your online profiles, the importance of different passwords becomes paramount, since there are services that allow you to log in to 30+ sites with one set of credentials. Essentially, if someone learns one password, it becomes very easy for them to test the most popular sites to see what else it gives them access to. Here’s a funny yet eerie cartoon starring a black hat hacker.
So, the lessons of this Not New Technology Tip are:
- change your passwords
- make them different
- 7 characters with special characters
- change them at least every 90 days with no reuse within 1 year.