If you’ve listened to IT professionals at all in the past ten years, there’s a decent chance you’ve heard advice like, “Your password needs to be longer,” and “Change your password often.” Do any of those sound familiar?
Well, if you’ve tried to follow any of that advice, you may have sticky notes on your monitor or a notebook where you keep all your passwords. The IT industry has given this more thought and realized that the harder it is to follow complicated rules, the more likely we humans are going to find ways to work around them.
In June 2017, the National Institute of Standards and Technology revised its guidelines on what a good, secure password is. And it turns out they no longer recommend complicated passwords. Instead, keep your password simple, long, and memorable. Phrases, lowercase letters, and common English words actually work quite well.
While it will take years for password requirements on various websites and services to catch up with these new guidelines, they’ll actually be a positive change for the internet and for those who use passwords. But where do I keep them, you ask?
Password managers such as LastPass allow us to create a secure place to store our login credentials, and you can even use it to generate random passwords. If you use something like LastPass, you only have to remember one password—the master one.
On the other hand, if you don’t trust password managers and/or simply want to keep your own record of login credentials, make sure you keep them where no one else can easily see them—no sticky notes, please!
Also, don’t use the same password for multiple sites or services. If someone happens to discover that password, they could be able to hack into several places where your personal information is available.
Using a combination of unique passwords and a password manager can help ensure that your information stays protected as you navigate the internet-driven world of both business and life.