General Guidelines for Good Password Management

Roscoe Douglas

Systems Staff

January 13, 2017

Most companies have strict regulations on password management, which means that you probably have a decent password safeguarding all of your work information. However, you’ve probably had the same shoddy password since your freshman year of college protecting your personal information.

If this is you (and it probably is), here are a few tips and best practices you should enact for keeping your stuff safe in today’s connected world:

  1. Don’t have a username that is the same as your password. – That’s stupid, and you deserve what you get.
  2. Don’t use the same password for everything. – You can spot the obvious weakness, if you have one password to rule them all. If it’s compromised…you’re done. This is especially true for all of you sharing your HBO GO password (you know it’s spreading like a dirty secret).
  3. Yes, you can have simple passwords (for some things). – With deference to #1 above, simple passwords are okay when you have account IDs for sites that don’t store your credit card information or personal information (like your social security number).
  4. Yes, you should have strong passwords (for some things). – Strong passwords that are long, tedious, and look like a bunch of gibberish are a good way to keep someone from guessing your password. So, don’t use that overly simplistic password to protect your online banking, primary email, or even your Amazon account (it’s storing your credit card after all).
  5. Change it up every once in a while. – It’s a pain to do, but changing your password once every few months or even once a year is a good idea especially if you’re using it across multiple accounts (which I already said you shouldn’t do, but being real of course we all do it).
  6. Create your own password reset questions when you can. – Facebook already told me where you were born and what your high school mascot was.
  7. Use two-factor authentication for your important email accounts (especially ones that you use to recover or reset passwords). – You can enable this on Google, so if a person gets your password and tries to hack your email account from an unknown computer or device they won’t be able to get that one time passcode that just got texted to you.

Cybercrimes are one of the most rampant forms of crime in today’s society – be sure to stay safe!