Passwords
Zak Dehlawi edited this page Sep 29, 2015 · 10 revisions
##Threats
Passwords are probably one of the weakest parts of the Internet (author's ramblings). They can be guessed, stolen, stored incorrectly, reused over and over, found written next to computers, or forcibly reset, among many other weaknesses. Unfortunately, better and easier authentication methods aren't widely deployed, so we have to do our best to protect any passwords we create.
##Solutions
First of all, whenever you see 'password', you should think 'passphrase'. Gone are the days when you could use one word as a passphrase.
Passphrases should:
- Be 10-20 characters long; in almost all cases, the longer the better
- Make use of upper and lower case
- Make use of special characters and numbers (space bar and tab often count too)
- Be something you can remember (sometimes)
- Not be used on other sites (you shouldn't re-use the same password on your email for banking, etc.)
- Be changed / rotated frequently. How frequently is debatable (every 3-6 months). Whenever I hear about a really big data breach of a large application in the news, I remember it is time to change my password.
##Strongly Recommended
- Use a password manager whenever possible
- Enable 2-Factor Authentication wherever possible
##Additional Resources
- Password Security in 2 Minutes - https://www.youtube.com/watch?v=FsrOXgZKa7U?rel=0