Keeping passwords safe and secure is step one towards making sure you’re not a victim of cybercrime. Burlington security firm Sophos put out a graphic of handy tips to keep you safe.
The company is pushing what it calls a SMART Passwords approach. It recommends users choose passwords that are:
Strong, with 20-25 characters when possible.
Multi-character, with a mix of numbers, letters, and punctuation, though it warns that swapping ‘3’ for ‘E’ doesn’t cut it anymore.
Avoid Associations like a birthdate, anniversary, beloved pet, or social security number.
Random, such as using the first letters from a sentence to generate your password rather than a full word, and random in the sense that the password for each site is different from all the others.
Take advantage of Tools like LastPass, Passpack, YubiKey, and KeePass, which can help generate, store, and protect passwords.
It’s all excellent advice, but it’s worth noting that even having great, unique passwords is only half the battle: You need to make sure that you’re careful about what emails you click, which websites you enter those passwords into, and who you trust with your sensitive data (the answer: As few people as possible, if not fewer).
The Onion put out a great, serious blog post detailing the multi-pronged “hack attack” that took over the satirical news site’s Twitter account. The surprising part? Very little of the hack was technical; it relied instead on fake emails and cleverly disguised URLs to trick employees into handing over their passwords, one carefully laid trap at a time.
Sophos’ Naked Security blog does a good job updating the public on those types of threats, too.