NEW PASSWORD RECOMMENDATIONS
If you are like many people and prefer NOT to use a Password Vault (Dashlane is what I use) and struggle with remembering all of those passwords you might really like this advice. The newest advice that I have read urges user friendliness.
The new recommendations call passwords "Memorized Secrets" and encourage long passphrases rather than complex short passwords. It is still good to use special characters like !, @, #, $, %. Use a whole sentence that you will easily remember. The fact that it is long and has some special characters will make it difficult to crack.
WHAT MAKES A BAD PASSWORD
These are all things I have seen people using!
- repetitive words (“passwordpassword”) (often because so many letters are required)
- sequential strings (“password12345”)
- variations on the website name (“FacebookPassword)
- It always surprises me how often when told to use a capital letter people capitalize the first letter in the password or when told to use a symbol put ! (exclamation point) at the end or a number and put 1 at the end. Now that I have seen it so often I would build that into my password-breaking program if I was a geek.
PASSWORDS AND THE END OF LIFE
Start keeping a log book with passwords, preferably in alphabetical order. Or use a password vault. Whatever you do let someone know how to access your passwords when you are gone. This will save someone SO much pain and time later on. Password vaults can be set up with an emergency user.