Passwords are like friends, you can never have too many. 😉 And just like friends, you want to be able to depend on them and treat them right.
UO has a standard for minimum complexity (at least eight characters long with one upper-case letter, one lower-case letter and one number). Yet even with this standard, it is easy to create easily guessed passwords. For Example “Fall2015” meets the minimum UO standard, but does not look too secure come this September.
Making a complex password is not too difficult. Combining three or four unrelated common words, with a number included provides a much more secure password. Thus longer less complex passwords will typically be more secure than short arcane passwords that look like a cartoon expletive.
Top 25 Most Common Passwords (you don’t want to use)
2014’s list of the most commonly used passwords starts with “123456” and “password“.
See all 25 passwords
Different Account = Different Password
All your accounts should have different passwords. Having different passwords for important accounts (UO Duck ID, Credit Cards sites, commerce sites) helps insulate you from addtional identity theft if one of your accounts is compromised.
Change Your Passwords Periodically
The UO requires you to change your Duck ID password every six months. For other important accounts, it is good practice to change your most important passwords periodically.
Change Your Patterns
We often decide on a pattern or a set elements when we create passwords. It is good to change up your patterns when setting a new password as well. avoid just adding a 1 or a 2 at the end of your old password to make a new password.
Avoid Passwords with Personal Information
It good to avoid passwords that contain personal or family information that is easily found on the Internet. A person’s home address, family names, birth dates, etc. can be found all too easily and thus make a password more likely to be guessed.
Browsers Will Store Your Passwords. Think Twice Before Allowing It
All modern Internet Browsers (Firefox, Chrome, Safari, IE) will store your passwords for specific Web addresses. For some sites this might be a useful convenience, but for your most important sites and credentials, this is not a good idea, since your browser allows you, or some logged in as you, to reveal the addresses of the sites you have visited and the passwords you have let the browser store. The good new is that you can clear this information easily from your browser and you can set a browser to never remember any passwords.
Use a Password Manager
There are numerous password management applications and services. They have several advantages over using sticky notes on you computer monitor or keyboard.
Here are a few you may want to evaluate: