Category Archives: Password

Tip #6 Set Strong Passwords


Setting a strong password is the first line of defense when trying to protect your personal data and devices. Strong passwords are typically long, unique, hard to guess, and incorporate numbers, random words, and special characters. Using common words or easily guessable information about yourself and your lifestyle is not recommended.

Consider changing passwords regularly and using different passwords for different accounts. This will prevent attackers from having access to all of your accounts immediately after compromising one password.

Some common password tips include:

  1. Use a unique password for each of your important accounts.
  2. Use a mix of letters, numbers, and symbols in your password.
  3. Don’t use personal information or common words as a password.
  4. Make sure your backup password options are up-to-date and secure.
  5. Keep your passwords secure.


Article: Smoking vs. Weak Passwords

“A study revealed that government spent $48 million on anti-smoking campaigns. Every year same or higher amount of money is spent on such campaigns. Government still allows its sales though smoking is injurious to health

Why talk about advertisements and sale of cigarettes and what does it have to do with weak passwords?

Like smoking, weak passwords have consequences. CISO’s and security professionals spend thousands if not millions of dollars on awareness but still allows weak passwords.

Security professionals those protecting Organizations, leave many applications allowing users to enter weak passwords. Problems of weak passwords are higher where Organizations allows Shadow IT applications. Many e-commerce websites accept weak passwords in favor of better user experience.

A strong password is a default necessity to increase our chances to stay protected. Yet, in a recent study, “123456” and “password” remains most popular password in the year 2014 and 2015.  Not only CISO’s but end users too needs to understand the dangers of weak passwords. But, sometimes “Ignorance is bliss” costs.

Password strength vs. User experience is going to be a never ending debate. But as security professionals, we need to analyze risks and favor strong Passwords.

Government have powers to ban cigarettes so do CISO’s and security professionals. Security managers too have powers to enforce strong passwords or make two-factor authentication mandatory.

It is clear that just awareness is not enough to reduce exposure on weak passwords. Perhaps, awareness must include real-life cases of breaches due to weak passwords. Just like cancer patients are cast for anti-smoking advertisements!”


Article – Your Secret Questions Are Just as Terrible As Your Passwords

A recent article from PC Magazine highlights research from Google surrounding the limited effectiveness of secret questions for account recovery:

“Not being able to remember your secret question responses is
annoying, but Google said the bigger concern is hackers who try to
hijack accounts using “mass guessing attacks.” With weak answers, it’s
not that difficult: a 2009 report from the Institute of Electrical and
Electronics Engineers said that researchers guessed about 10 percent of
people’s answers by using common responses.

In an era of openness, meanwhile, where your every move is chronicled
online, it’s not hard to find things like place of birth, mother’s
maiden name, or high school mascot by trolling a Facebook or Twitter
account. This type of scenario is potentially how hackers gained access to
celebrity iCloud accounts last year. “Certain celebrity accounts were
compromised by a very targeted attack on user names, passwords, and
security questions, a practice that has become all too common on the
Internet,” Apple said in a September statement”

Tips for Safe Password Sharing