Password Complexity

Your password should be like good sex – long, personal and memorable.

Something like “the qu!ck brown dog” is better than “e23c£R3k”: it is more memorable and, being longer, it requires more permutations to crack than an 8-character randomised password which no one can remember. I always like to include at least one non-alphanumeric character, such as £ or % or !, in order to increase the complexity of the character set required to crack the password.
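As an added example (not part of the original post), the sketch below estimates the exhaustive-search space for the two passwords above and the length at which a lowercase-plus-symbol password matches the 8-character one. The pool size per character class, including the size assumed for non-ASCII symbols such as £, is an assumption, and the model covers brute force only, not word-list guessing.

```python
import math
import string

# Assumed brute-force alphabet per character class: (members, pool size).
POOLS = [
    (set(string.ascii_lowercase), 26),
    (set(string.ascii_uppercase), 26),
    (set(string.digits), 10),
    (set(string.punctuation + " "), 33),  # 32 ASCII symbols plus space
]
NON_ASCII_POOL = 32  # assumption: extra symbols such as the pound sign


def alphabet_size(password):
    """Size of the alphabet an exhaustive search must cover for this password."""
    remaining = set(password)
    size = 0
    for chars, pool in POOLS:
        if remaining & chars:
            size += pool
            remaining -= chars
    if remaining:  # anything left is outside printable ASCII
        size += NON_ASCII_POOL
    return size


def brute_force_bits(password):
    """log2 of the number of candidates: length * log2(alphabet size)."""
    return len(password) * math.log2(alphabet_size(password))


def min_length_to_match(target_bits, alphabet):
    """Shortest length over `alphabet` whose search space reaches target_bits."""
    return math.ceil(target_bits / math.log2(alphabet))


if __name__ == "__main__":
    phrase, short = "the qu!ck brown dog", "e23c£R3k"
    for pw in (phrase, short):
        print(f"{pw!r}: length {len(pw)}, alphabet {alphabet_size(pw)}, "
              f"about {brute_force_bits(pw):.1f} bits")
    needed = min_length_to_match(brute_force_bits(short), alphabet_size(phrase))
    print(f"lowercase+symbol length needed to match the short one: {needed}")
```

Length multiplies the bit count while a larger character set only adds to the per-character term, which is why the 19-character phrase comes out at more than twice the bits of the 8-character password under this model.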

Never share a password. I know this seems obvious, but as soon as it is ‘in-the-wild’ it is compromised and must be changed.

Cached Passwords

Cached passwords are the holy grail of hackers and a principal target for information thieves. For this reason you should never save your password on your workstation and never use the same password across systems.

When prompted to save a persistent authentication token such as a password, you should always say no or never. The only place for a ‘stored’ password is an encrypted and password-protected database (for which you should not have the password written down).