Password Fatigue Syndrome and its Treatment
Do you suffer from this?
Symptoms include prolonged frustration and severe weariness that is not relieved by screaming at your computer or pounding your electronic device against your desk, or even by taking deep yoga breaths. Suspected causes include the requirement to develop strong passwords for every single electronic device or application you want to use at home and at work, repeated exposure to wildly different password standards, the need to quickly recall the correct password for the correct purpose at the correct time and the constant admonition to change passwords for security purposes. The only known cure is to give up and stop using the devices and programs requiring passwords, hardly possible in this day and age. Treatment consists of understanding why passwords are necessary, learning guidelines for password construction and incorporating ways to protect your password. There are numerous treatment resources out there (providing you can remember your password so you can log onto the Internet) and this article really is only the tip of the iceberg. But, please, read on.
Password Necessity. We all know that hackers use personal or confidential information belonging to others to capitalize on, profit from, publicize, and blackmail. Hacking can involve high stakes and big money. Your computer files may be stolen, altered or destroyed. Your identity may be compromised. Local, State and National security may be threatened. Sometimes hackers take over a computer and turn it into a "zombie", using it for malicious tasks such as sending out large amounts of spam email. The consequences to not having a strong password are real. Do you know that an 8-character perfectly random password consisting only of number and alphabet letters can be "cracked" in just a few minutes using commercially available software? Strong passwords are often the only thing standing between a hacker and access to your information.
Password Construction No password is uncrackable, but making a strong password is your best defense. The key to password strength is length, complexity and randomness.
- Length. As passwords become longer they become exponentially harder to crack. The State’s IT policy for computing suggests at least eight characters long. The longer the better but within limits.
- Complexity. An ideal password has letters, punctuation marks, symbols and numbers. They are not words in any language, dialect, slang or jargon. A mix between upper and lower case is also good.
- Randomness. The more random a password is the better; be creative and obscure. Never use default passwords or ones based on personal information or are the same as your user ID. Don't use popular music titles, shows or celebrities as passwords or sequences such as 123456 or abcde, etc.
Password Protection Common sense practices will help protect your password. Do not:
- Commit your password to paper. No Post-It notes. Keep it in your head.
- Share, email or reveal it to others.
- Use the same password for long lengths of time. Change it often. The more important it is, the more often it should be changed.
- Use the same password for all of your accounts and applications. If hacked, they are all compromised.
- Enable the “Save Password” function, even if prompted.
- Use sample passwords found on any website.
- Configure your hardware to log on without a password.