It is crucial, now more than ever, to have a password policy in place to prevent passwords from being guessed or cracked. Today, we are connected in so many ways, on so many platforms that we need to ensure that we are protecting ourselves from the many threats that are out there. The environment has changed drastically over the last year; today there are more entry points than ever, which is leading to more targeted attacks on companies of all sizes. Having a secure and complex password protects your sensitive data;
- Passwords may not contain users account name or personal information (date of birth, names, your favorite hockey player, brands, etc.);
- Password may not contain dictionary words written in plain text;
- Password must be at least eight characters in length;
- Password reset interval is determined by your network setup. 60 days.
- Do not write passwords in places where others might see them, e.g. sticky note, whiteboard.
- Passwords must contain THREE out of FOUR of the following categories:
- English Uppercase characters (A through Z);
- English Lowercase characters (a through z);
- Base numeric digits (0 through 9);
- Non-Alphabetic characters (examples – !, $, #, @, (, ), +);
Example of a bad password would be: pa$$w0rd, HarryPotter01, orangeDog, Alisa11101983;
Example of a good password would be: (a1mR@cc00n73, U5e+#!5P01!(y@w0rk7102, !L0v3G0+on#b0, Al!sa11J@n3891
Here are some tips on how to create a strong password:
- Try to think about a passphrase (multiple words), it can be something related to what login the password is created;
- When creating a passphrase you can substitute words with letters or symbols such as for=four=4, to=two=2, at=@;
- Try to substitute letters with numbers or symbols where appropriate e.g a=@, t=+, h=#, s=$=5, e=3, i=!, l=1, c=(=<;
Here is an example strategy of creating a strong password:
- A good password will look like this: U5e+#!5P01!(y@W0rk7102 passphrase: “use this policy at work 2017”
- Notice that all words are starting with capital letter;
- Most of the letters were substituted by the analogy of a number or symbol
- The year 2017 was written backward.
Playing around with passwords is fun, but don’t play too long, remember, you still have to memorize and be able to type this password without writing it down somewhere.
If you have any doubt as to the above requirements, please do not hesitate to contact your I.T. ISIN Solutions Support Team BEFORE attempting a password change.