J003-Content-Security101GoodPassword_SQUnfortunately, insecure passwords are not a thing of the past. As companies continue to grow, employees will use more and more applications that require a passcode. It’s time you enforce a new strategy to improve the security of your network.

A good password is no longer enough to keep baddies from infiltrating your systems. It’s time you start thinking about using a passphrase.

The best defense when thinking about a good passphrase is to know how passwords are hacked. An attacker will first go through a list of passwords which are commonly used, then they will variations of those passwords. Most people will use their name, anniversary date, or even zip code as part of the passphrase. Guess what? That is way too easy to get hacked.

Here are some tips on how to create a passphrase you can remember but will still keep you secure.

Make it random

There are a few theories on how to make your passphrase random. Bruce Schneier, an internationally renowned security technologist, came up with the Schneier scheme which describes a method to come up with an easily remembered sentence and make it into a passphrase.

What you do is come up with something memorable such as “My youngest sister was born when I was seven.” Then turn it into a passphrase that is unrecognizable which includes symbols such as “MYswbWIW7!”.  Another example is the phrase “Long time ago in a galaxy not far away at all” becomes Ltime@go-inag~faaa!. Obviously, do not use these examples for security reasons.

The longer the passphrase, the better

If you use only letters in a non-case sensitive password, an 8-character password has 2 billion possible combinations and would take the most powerful supercomputer or distributed attackers less than four minutes to crack.

The XKCD method illustrates using four random words to create a passphrase. Specifically, one that only you would understand. An example would be “PerfectHorseBatteryStaple.” Using a long passphrase like this is easier to remember than random symbols which makes it ideal.

More complicated than a Rubix cube

What’s great about a QWERTY keyboard is all the combinations especially when you mix lower and uppercase characters. A great passphrase is unique to only the user. Keeping the network secure is the responsibility of the person using the machine. There are 96 possible characters on a keyboard that can be entered with or without using the SHIFT key.

Avoid using the same character consecutively because it compromises the complexity of the passphrase. Consider combining both the XKCD and Schneier methods to create a 12 character passphrase that is a serious nail-biter.

Fresh is best

Your company should have a policy to change passphrases regularly to keep your network secure. It is recommended that every 60 to 90 days employees should update their passwords. Although some security experts believe that it is better to have stringent requirements on lenght and password complexity rather than getting users to change passwords every three months. 

Keep it a secret

Passphrases must never be shared. Not even with your IT support or supervisors. Employees should be trained to keep their passphrases a secret. Also, ensure they never write their passwords down and hide it underneath their keyboard or mousemat.

There are several apps on the market which are great for saving passwords and are safe from hackers. While using multi-factor authentication is the best way to go, when you just don’t have that option, creating, using, and enforcing strong password practices can help with security. Use the guidelines above to help create a good password policy in your network, and to teach your users good password practices.

Though keeping passphrases complex, long, and a secret, it may not veer off all of the vulnerabilities within an organization. All of the machines connected to your network need to have their security updated regularly. GFI LanGuard takes an inventory of all of the devices on the system and distributes patches as necessary to keep them from being vulnerable from malware.

A strong passphrase is one defense from allowing hackers from infiltrating your systems, however, having a good security plan will make your network ironclad.

For more information on how to secure your business, checkout the GFI Software Network Security solutions.

Get your free 30-day GFI LanGuard trial

Get immediate results. Identify where you’re vulnerable with your first scan on your first day of a 30-day trial. Take the necessary steps to fix all issues.