Do:
- Create a password using six or more characters.
- Use a mix of uppercase and lowercase characters.
- Include numbers or special characters (if allowed).
- Change all of your passwords frequently; at minimum every 60-90 days.
- Clean your browser history and cache every time you use a password on a site.

Don’t:
- Leave your passwords on your desk or in plain sight (such as attached to your monitor).
- Have a master file containing all of your passwords on your computer’s desktop.
- Use passwords that are easy to decipher such as your birth date, middle name, home address, social security number, etc.
- Use passwords that are found in the dictionary or common expressions.
- Use passwords that are a sequence of numbers or letters (e.g., 123456 or abcdef).
- Give your passwords to anyone – especially via email or phone.
Remember to use caution with your passwords. If you receive an email or phone call from someone claiming to be from your bank or a website, never give them your account number or password. Always call the company back to verify their identity. Some criminals use a technique called “social engineering”, in which they assume the identity of a company employee to gain access to restricted information.
In addition, hackers use another technique called “brute force”, in which they try a dictionary of common words or phrases in an attempt to decipher a password. Your personal information is easy to find on the Internet through phone directories and genealogical sites, so do not use your name or relatives’ names and addresses as passwords. For password security recommendations, go to Kaspersky.com or McAfee.com.
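The rules above can be checked automatically when a password is chosen. The following is an added example, not part of the original page: the function names, the small `COMMON_WORDS` list (constructed sample data), the four-character sequence threshold and the three-character minimum for personal details are all assumptions made for illustration.

```python
import re

# Constructed sample wordlist; a real deployment would load a large list
# of common passwords and dictionary words (assumption, not from the page).
COMMON_WORDS = {"password", "letmein", "welcome", "dragon", "sunshine", "qwerty"}


def is_sequence(s, min_run=4):
    """True if s contains min_run or more consecutive ascending or
    descending characters, such as 1234 or dcba."""
    s = s.lower()
    for step in (1, -1):
        run = 1
        for prev, cur in zip(s, s[1:]):
            run = run + 1 if ord(cur) - ord(prev) == step else 1
            if run >= min_run:
                return True
    return False


def check_password(password, personal_info=()):
    """Return a list of the page's rules that the password breaks."""
    problems = []
    lowered = password.lower()
    if len(password) < 6:
        problems.append("shorter than six characters")
    if not (re.search(r"[a-z]", password) and re.search(r"[A-Z]", password)):
        problems.append("no mix of uppercase and lowercase")
    if not re.search(r"[^A-Za-z]", password):
        problems.append("no numbers or special characters")
    if is_sequence(password):
        problems.append("contains a sequence of numbers or letters")
    # Strip digits and symbols so "Password1!" still matches "password".
    letters_only = re.sub(r"[^a-z]", "", lowered)
    if lowered in COMMON_WORDS or letters_only in COMMON_WORDS:
        problems.append("dictionary word or common expression")
    # personal_info: name, birth date, address parts, etc. (caller-supplied)
    for item in personal_info:
        token = re.sub(r"\W", "", str(item).lower())
        if len(token) >= 3 and token in re.sub(r"\W", "", lowered):
            problems.append("contains personal information")
            break
    return problems
```

An empty list means the password passes every check; a word such as `Password1!` meets the length and character-mix rules yet is still flagged as a dictionary word.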
Kaspersky. Recommendations how to create strong passwords.
McAfee Blog. Password Policy – Length vs. Complexity.