In our last Thoughts from OGsys, we highlighted the Equifax failures from the last year. The second breach stemmed from a terrible password practice. An online employee tool could be accessed by typing 'admin' as both a login and password. Don't make the same mistake.
This month, we asked Mark Dungan, Manager of Development, and David Tomlinson, Manager of IT and Infrastructure to share a bit of password wisdom.
David recommends using a long, nonsensical phrase. An example would be “elephanticecreaminhawaii”. “It has been proven over and over to be the most secure and most memorable, which keeps you from needing to write it down.”
To take this one step farther, Mark suggests to also “use a combination of phrase, name of the website or system and numeric algorithm. This system ensures that passwords meet the requirements that David spoke about, but also ensures that each password is sufficiently complex, unique, highly memorable and flexible; albeit a little difficult to explain.”
For example: a sample password for gmail could be: “5!1ILoveGmailEveryday”.
The code to create this password is:
(# of letters in system[gmail=5])!(number of special characters[exclamation = 1])ILove(system[gmail])Everyday
Using this algorithm for Microsoft would be:
Be sure to share this advice with others at your office to ensure that your valuable company data remains secure.