Page 23 - March-April2021 Vol 38 No 7
P. 23

By Heather Phillips

Creating a Secure Password

  The best advice in creating a secure    Memorize Your Password                     by using malicious software on a single
password is to follow or exceed             The best way to protect the password is  machine. Therefore, password managers
National Institute of Standards and                                                  are only as secure as the opening
Technology (NIST) guidelines from         to memorize it. Do not write it down, do   password.
Special Publication 800-63B. Create       not store it in a password manager, and    Adding Characters
a password that is no less than 8         do not share it with someone. Password
characters, includes special characters,  managers may seem safe because some          After the user creates a strong
does not use repetitive characters, does  can be encrypted with AES256 bit           password, the user can add characters
not include specific names, places,       encryption.                                to the password for individual sites to
or words, and does not use common                                                    identify its uniqueness, but relate it to
words.                                      However, when a user uses a password     the site with relatable characters that are
                                          manager, they are placing their trust      memorable.
   A user can create a unique password    into the application designers to keep
that is easy to remember by using         their information safe. Is the user or       For example, the password to amazon
a passphrase instead of random            organization willing to take that risk?    can be Iltr@TNPW’20!:). See the smiley
characters. The user can create a pass                                               face at the end of the password that
phrase by thinking of a sentence and        The designer could update their          resembles amazon’s logo? The password
use the first letter of each word to      software to cause a security breach        to the USPS can be Iltr@TNPW’20!356
create their password.                    and expose or gather passwords. The        if their PO box or house number is 356.
                                          application developer might seem           The password to Netflix can be Iltr@
  For example, “I like to read            reputable. Or, perhaps a guarantee         TNPW’20!Wm because the user watches
Tennessee Public Works Magazine in        of safety is put in place between the      movies. (Wm is for watches movies.) The
2020” would translate to IltrTPWM’20.     company and the organization for an        new addition to the password can also be
This can be further complicated by        enterprise management system, and          added to the first of the password as in
substituting special characters to turn   the password management software is        :)- Iltr@TNPW’20!., 356-Iltr@TNPW’20!
it into Iltr@TNPW’20!.                    secured with a password.                   or WM-Iltr@TNPW’20!.

                                            Attackers could compromise security

                                          	                                          View online at tnpublicworks.com	  23
   18   19   20   21   22   23   24   25   26   27   28