Password guideline for general users

News portals are filled with reports on compromised accounts. We know friends who have had their Facebook, Yahoo, and other accounts hacked and can no longer access making them exposed to their sensitive emails, and even allowing hackers to pose as someone else.

While application developers do their best to ensure safety, the first basic step you can take is to ensure you use a good password. Good password can be confusing, if “qwerty” is not secure is “qwerty123” secure (no, it’s not). Hence we have provided a guideline which will help you set the right password.

This article is meant for general users and not meant for system administrators etc who need to have a different level of security.

  • Do not use simple passwords like someone’s name, or repeating characters like abcdef123, or qwerty123 etc. You may think your password is clever by going reverse or choosing even numbers in sequence but its not. Have a look at some of the most vulnerable passwords
    http://www.telegraph.co.uk/technology/2017/01/16/worlds-common-passwords-revealed-using/
  • Use minimum 8 characters even if the system allows for less number of characters. For more sensitive systems 20 characters are suggested like for administrative account for your server.
  • We suggest you use a simple method of combining 2 non-associated words like lemon and purple and add a number and make one of the letters capital to get something like lemon343Purple. Other examples of such passwords are napkin9001Fan, Hiccup2421Gem and Tea7732rocket. For more sensitive or secure systems like administrative accounts for servers its best to use a password generator (just google and you will find some sites, or you can use the software KeePass to generate password).
  • Do not share your password with anyone. If you have passwords which you need to share, like your Wi-Fi password, please ensure they are different from your bank password.
  • Use a password manager like KeePass to keep track of your passwords.
  • Never share your passwords with anyone.
  • Ideally keep a different password for each account. Your bank password should be different from your Facebook account password.
  • Ideally change the passwords at least every year. You should change it immediately if you feel your password has been compromised.
  • Set 2 factor authentication if available with your account which adds to your password security. With 2 factor authentication you will have to additionally add another password which is sent on your mobile and/or email, so ensure you have those details correctly setup in your account. Some systems also allow you to enable 3 factor authentication.

We hope this guide has helped you and wish you a secure account experience!