Are passwords enough?
With the ever increasing number of online services that people use comes with the need to think of a new password. Normally individuals will use the same password for multiple services so they don’t forgot which one to use. Unfortunately with the increased risk of cyber threats have encouraged websites to increase their security controls when it comes to their users creating passwords. Now individuals are asked to choose a password with high complexities which include a minimum numbers of characters, symbols, and numbers.
Although it makes it more difficult for hackers to try and crack in accounts, individuals are becoming more frustrated as different sites will require different password complexities which in turn requires different passwords to be used. So although increasing the complexity of the password makes it more difficult to crack the password, individuals are finding it increasing more difficult to remember all more than one password. In order to remember their passwords it’s not uncommon for individuals to writing them down, save them on their computer not encrypted, or in some cases write the password on a sticky note and sticking it on their laptop!
In most cases passwords are sufficient in protecting information however in other cases alternative forms of authentication such as password tokens or biometrics should be considered when dealing with sensitive information.
This extra level of security is known as two or three factor authentication. The motto is ‘Something you know, something you are and something you have’ and combining all three methods provide the best overall authentication protection.
To choose a good reliable password CERN computer security provide a few easy steps that you can follow:
- private: it is used and known by one person only;
- secret: it does not appear in clear text in any file or program or on a piece of paper pinned to the monitor;
- easily remembered: so there is no need to write it down;
- at least 8 characters long;
- a mixture of at least 3 of the following: upper case letters, lower case letters, digits and symbols;
- not listed in a dictionary of any major language;
- not guessable by any program in a reasonable time, for instance less than one week.