Just as good fences make good neighbors, strong passwords make secure users. Put another way, if your pastor is using his first name as a login, and his last name as a password, it won’t be long before your website and/or email system begins spewing spam for various online services not usually associated with a church … or worse.
What do I mean by worse? Glad you asked.
All a hacker need do is to figure out the login and password to one privilegedÂ account and that’s usually enough for them to then quietly get into the rest of your system and begin discovering sensitive information about your organization and/or its members.
I mean imagine the emotional impact and legal/political ramifications that could arise by the publication of private data and/or identity theft resulting from a system compromised by weak password practices.
Okay I’m freaking out, so now what? Glad you asked.
Here are five things you can teach your users to do in creating and using stronger passwords:
- Avoid passwords based on repetition, dictionary words, letter or number sequences, usernames, or biographical information like names or dates;
- Include numbers, symbols, upper and lowercase letters in passwords;
- Password length should be around 12 to 14 characters;
- Don’t write down passwords where prying eyes can see them, like a PostIt note taped to the underside of one’s keyboard; and
- Avoid using the same password when registering with other online services.
Easier said than done Dean. Yes, I know but …
Unfortunately, getting laypersons and staff to use strong passwords is indeed easier said than done because by their nature, such passwords are harder to remember and guess.
That said, one technique I’ve seen used with success is employing passwords based on easy-to-remember mnemonic phrases such as:
- mYd0gh@sFleaz – or My Dog Has Fleas
- @0ne4all2C – at 1 for all to see
There are also a number of free online services that will generate a strong password if you’re having trouble thinking up one of your own, here are just a few:
- PC Tools Password Generator
- Mnemonic Strong Password Generator
Along with that, here’s a link to a rather nice free online service that will rate your password’s strength against a number of the criteria mentioned above and then some:
And if you’re too chicken to tell your church secretary that the name of her prize poodle isn’t going to cut it, just send him a link to this article. I can take it from there.