Well, I know I have been saying it for years, talking about it like it was one of the most important aspects of your computer, and emphasizing it as one of the top five most important security configurations for corporations and users.

With so many companies being attacked, compromised, and making front page news, I hope that now you get the picture!? The passwords for your Active Directory, your bank, Amazon, LinkedIn, and other sensitive accounts are key to your career, personal protection, and economic stability.

Now, all I can say is, “I told you so!” Just like your mom said to you regarding washing behind your ears, wearing clean underwear, and not cursing in public.

It only makes sense, does it not? Most of us are so pathetic (and trained to be that way) with our passwords. Passwords like:

Password
P@ssw0rd
Adm1n
Derek123
Mark08021964
etc.

These are not good passwords. Why, you ask? Well, because they are easily guessed, easily cracked, and you typically use the same password for all of your accounts.

Creating passwords that are not easily guessed is rather easy. Just use long passwords. Actually, use passphrases. Here are some examples:

I love to play craps.
My puppy Hercules is so cute.
I want to go to DisneyLand.
My future Porsche Turbo should be Guards Red.

Notice each one is just a sentence. Each one meets the password policy of most Active Directory installations, which is three of four types of characters and a minimum of seven characters in length. The reason that these passwords – um, passphrases – are so good is that they are very hard to guess and, most important, they beat nearly all password cracking tools and techniques like dictionary attacks, brute force attacks, and rainbow tables.

If you use the same password or passphrase for all of your accounts, I feel your pain. Trust me, I have many accounts, and I try to use something different for each. I also try to match the password or passphrase to the account in some way. For example:

Airline password: I hate to travel in coach.
Bank: My savings is always to small.
Amazon: I love to shop online during Christmas season.
Active Directory: I really think I should be CEO.

There are other issues with using passwords or passphrases this long on the Internet. Many sites don’t accept spaces in the password. Well, in that case, just reduce the passphrase to only words, smushed together without the spaces.

Ihatetotravelincoach
Mysavingsisalwaystosmall

Trust me, typing these passwords is easier than what you do today! Give it a try!
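To see how the examples in this article fare against the rule described above (three of four character types, minimum seven characters), here is a small checker, added as an illustration and not part of the original article. It implements only that rule as stated here, not the full Active Directory complexity check. It assumes that punctuation counts as the fourth character type and that spaces count toward length but not toward any type.

```python
import string

MIN_LENGTH = 7        # minimum length stated in the article
REQUIRED_TYPES = 3    # "three of four types of characters"

def char_types(password):
    """Return the set of character types present in the password."""
    types = set()
    for ch in password:
        if ch in string.ascii_uppercase:
            types.add("upper")
        elif ch in string.ascii_lowercase:
            types.add("lower")
        elif ch in string.digits:
            types.add("digit")
        elif ch in string.punctuation:
            types.add("symbol")
        # Assumption: spaces add length but are not counted as a type.
    return types

def meets_policy(password):
    """Apply the rule as the article states it: length >= 7 and 3 of 4 types."""
    return len(password) >= MIN_LENGTH and len(char_types(password)) >= REQUIRED_TYPES

def report(passwords):
    """Return (password, length, sorted types, passes) for each entry."""
    return [(p, len(p), sorted(char_types(p)), meets_policy(p)) for p in passwords]

# All sample values below are taken from the article's own lists.
WEAK = ["Password", "P@ssw0rd", "Adm1n", "Derek123", "Mark08021964"]
PASSPHRASES = ["I love to play craps.", "My puppy Hercules is so cute.",
               "I hate to travel in coach."]
NO_SPACES = ["Ihatetotravelincoach", "Mysavingsisalwaystosmall"]

if __name__ == "__main__":
    for group in (WEAK, PASSPHRASES, NO_SPACES):
        for pw, length, types, ok in report(group):
            print(f"{pw!r:34} len={length:2} types={','.join(types):20} passes={ok}")
```

Three of the weak examples (P@ssw0rd, Derek123, Mark08021964) pass this rule, which is why a complexity rule alone does not keep guessable passwords out. The space-less passphrases keep their length but contain only upper- and lowercase letters, so where a three-of-four rule applies they need a digit or punctuation mark added back.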

Also, when you have an email from Amazon, Facebook, your company network, or somewhere else, you now have ideas on how to make your passwords more secure and easier to remember.

For more information on passwords, you can read my articles at:

https://blogs.manageengine.com/active-directory-2/2014/05/16/domain-password-policies-configuring-and-auditing-correctly.html

http://www.windowsecurity.com/articles-tutorials/viruses_trojans_malware/pass-hash-protect-your-windows-computers-part1.html

http://www.windowsecurity.com/articles-tutorials/viruses_trojans_malware/pass-hash-protect-your-windows-computers-part2.html

http://www.windowsecurity.com/articles-tutorials/authentication_and_encryption/Windows-Passwords-Making-Secure-Part1.html

http://www.windowsecurity.com/articles-tutorials/authentication_and_encryption/Windows-Passwords-Making-Secure-Part2.html

http://www.windowsecurity.com/articles-tutorials/authentication_and_encryption/Windows-Passwords-Making-Secure-Part3.html