Password Worst Practice – Avoid It.
Password cracking is as easy as 123456, according to a recent study by Impervia of 32 million RockYou.com passwords.
The analysis revealed that the top 10 passwords of RockYou.com users were:
- 123456
- 12345
- 123456789
- Password
- Iloveyou
- Princess
- Rockyou
- 1234567
- 12345678
- abc123
While RockYou.com’s users may not have been trying to protect terribly sensitive data this example does raise the issue of proper password construction. The use of all upper case or lower case or sequential numbers should be avoided if at all possible.
Generating Strong Passwords
For effective password generation, TBS recommends that our users follow these rules:
- It should contain at least six characters.
- It should contain a mix of four different types of characters -- upper case letters, lower case letters, numbers, and special characters such as !@#$%^&*,;" If there is only one letter or special character, it should not be either the first or last character in the password.
- It should not be a name, a slang word, or any word in the dictionary. It should not include any part of your name or your e-mail address.
- You should be able to type it quickly, so that someone looking over your shoulder cannot readily see what you have typed.
- It should be changed at least every 90 days to keep undetected intruders from continuing to use it.
703.444.6562