BNMC Blog

Tip of the Week: How to Make Your Credentials More Memorable

Let’s face facts: as critical to your security as they are, passwords are kind of the worst. Of course, since they are so critical, you need to make sure all of the ones you use are as secure as possible, so we’ve assembled some practices that may help you tip the scales in your favor. Spoiler alert: the conventional password may not be your first choice for much longer.

What Not to Do

There’s a tricky balance to strike when devising a password. On the one hand, you want it to be sufficiently secure, but on the other, you don’t want to make it too difficult to get back in for yourself, either.

This is probably the reason that so many password rules and best practices are broken and ignored: user convenience.

Let’s take a look at the top 15 results of some data compiled by the United Kingdom’s National Cyber Security Centre with the help of the security website Have I Been Pwned, regarding the most commonly breached passwords:

  1. 123456 
  2. 123456789 
  3. qwerty 
  4. password
  5. 1111111 
  6. 12345678 
  7. abc123 
  8. 1234567 
  9. Password1
  10. 12345 
  11. 1234567890
  12. 123123 
  13. 000000 
  14. Iloveyou
  15. 1234

Just glancing over this list, you can easily see how a few of the simplest password quality rules are broken: common words, common number sequences, and hardly any mix of alphanumeric characters.

It is probably also a safe bet that a person who would use a password like this would also be the person to repeat their password across accounts. This means that if one of their accounts were breached, they all would be rendered insecure. 

Of course, now that we’ve clearly outlined the problem, we have a proposed strategy to help fix it.

Using a Truly Random Passphrase

One way to improve password security is the passphrase. Instead of random characters, a passphrase uses random words, which makes it both more complicated and easier to remember.

The web comic xkcd does a good job of explaining it:

However, this opens us up to new issues - like the very human instinct to stick to a pattern of some sort. Good for survival, not so great when you’re looking for true randomness.

This is why an IT professional named Arnold Reinhold developed a new method of generating a passphrase, called Diceware.

Take a die and roll it five times, noting each number you roll. Find the resulting 5-digit number on the official Diceware word list; the word beside it is the first word of your passphrase. Repeat this process until you have six or seven words in your passphrase. This helps eliminate human bias from the selection process, making it about as random as possible.

Demonstrating Diceware in Action

Rolling a die, I came up with 45656. Diceware says that’s “pleat.”

My next roll came up 13211. “Bach.”

34663, making the next word “Julie.”

32135 means the next word is “gulp.”

32565, for a final word “choice” of “Hera.” 

So, my new passphrase is “pleatBachJuliegulpHera.” Gibberish, yet still far more memorable than the alternative system.
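The lookup described above, as an added Python example (not part of the original post or the Diceware project): it parses word-list lines of the form "five dice digits, whitespace, word", maps rolls to words, and computes the entropy a uniformly rolled passphrase carries. The inline sample list is constructed from the five number/word pairs quoted in this post, and the function names are assumptions of this example.

```python
import math
import secrets

# Constructed sample in the word-list line format, holding only the five
# pairs quoted in this post; a complete list has 6**5 = 7776 entries.
SAMPLE_LIST = "13211\tBach\n32135\tgulp\n32565\tHera\n34663\tJulie\n45656\tpleat\n"

def parse_wordlist(text):
    """Return {five-digit key: word}; skip non-entry lines, reject duplicates."""
    table = {}
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != 2:
            continue  # blank line or anything that is not "key word"
        key, word = parts
        if len(key) != 5 or any(c not in "123456" for c in key):
            continue  # not a valid sequence of five die faces
        if key in table:
            raise ValueError(f"duplicate key {key}")
        table[key] = word
    return table

def roll_key(rng=secrets.SystemRandom()):
    """Five die rolls from the OS CSPRNG (a stand-in for physical dice)."""
    return "".join(str(rng.randint(1, 6)) for _ in range(5))

def passphrase(table, n_words=6, keys=None):
    """Return the words for `keys` (rolls from real dice), or roll them here."""
    if keys is None:
        # Rolling against a partial list would fail on most keys and, if
        # retried, would shrink the pool the words are drawn from.
        if len(table) != 6 ** 5:
            raise ValueError("random selection needs the complete 7776-word list")
        keys = [roll_key() for _ in range(n_words)]
    return [table[k] for k in keys]

def entropy_bits(n_words, list_size=6 ** 5):
    """Entropy when each word is chosen uniformly and independently."""
    return n_words * math.log2(list_size)

if __name__ == "__main__":
    table = parse_wordlist(SAMPLE_LIST)
    rolls = ["45656", "13211", "34663", "32135", "32565"]
    print("".join(passphrase(table, keys=rolls)))
    print(f"{entropy_bits(6):.1f} bits for six words")
```

Each word adds about 12.9 bits, so the strength comes from the number of uniformly rolled words rather than from the words being secret or unusual.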

Remembering All These Passphrases

So, with the “random” part of our concerns addressed, there is still the concern that remembering so many different passphrases may be a bit much to ask. This is why we recommend that you combine your use of passphrases with the use of a password manager.

These handy programs store all of your passwords (or passphrases) in a secure vault, ready for you to access with a single master password (or passphrase). As a result, as long as you can remember one passphrase, you can use the password manager to handle the rest of your accounts.

For help in implementing all of this (or with any other assistance with your business’ information technology) give BNMC a call at 978-482-2020. What other tips would you like us to cover? Let us know in the comments, and subscribe so you don’t miss it!
