When it comes to passwords, you know that it needs to be difficult to guess, but simple enough to remember without writing it down. And of course, you should never reuse the same password.
Luckily, there are some guidelines and tools that can help you create and manage all these multiple passwords.
3 Random Words
3 Random Words is the method the UK’s National Cyber Security Centre (NCSC) recommends when choosing a password. Rather than relying on a password strategy that uses random numbers and symbols thrown in that can confuse users, the NCSC’s three-word password strategy is designed to create a random enough password that is difficult to guess.
Three reasons why the NCSC recommends this approach is:
- Length: three words are normally longer than a single word would be.
- Novelty: as it is less likely that the 3 random words you come up with are the same and in the same order as someone else’s.
- Usability: It’s easier for the user to come up with three random words and remember them, than random letters and numbers.
NIST Password Guidelines
NIST (National Institute of Standards and Technology) has updated some of its best practices for users to create new passwords. One of NIST’s recommendations is that passwords need to be lengthy but shouldn’t require complexity. In other words, NIST agrees with the NCSC’s recommendation that users should not be required to add special characters and numbers to a password, as users fall into predictable patterns with special characters that hacker tools can easily predict. NIST recommends “increased password length as a key password security control, especially through encouraging the use of passphrases.”
Use a Password Manager
For those of you with many accounts, you know it is impossible to remember a unique password for all of them. Therefore, you need a password manager. Password managers work by storing all your passwords for you; all you need to remember to access this database is one strong password. In addition, the password manager can help you create a long, complex password of random letters and numbers that are far more random and complicated than 3 random words or a passphrase can. The best part of using a password manager is that you don’t have to remember all these complex passwords — your password manager will do it for you.
QuickProtect Can Help
If you need help getting your staff up to speed on creating better passwords, contact QuickProtect today. Our goal is to keep you, your team, and your organization secure.