Barney's Blog

Blog archive

Doug's Mailbag: What's Your Password Strategy?

Readers share some tips on strengthening password security:

As I set up routers or servers, a password that I always use is simple, effective and easy to remember. Here is my algorithm:

Lets say the router is at the following address:
123 Noplace Lane
Missoula, MT 59808.

The password for the router would be:
!@#N0pl@c3l@n3%(*)* 
123noplacelane59808 


As you can see we have special characters, uppercase letters, lowercase letters and its not a word that could be found in a dictionary or brute force attack. Numbers are simply typed in using the shift key while entering them in to grab the special characters. The first letter of the street is capitalized, letter 'o' is always changed to a zero, 'e' is always changed to a '3' and 'a' is always changed to an '@.'


The client just follows those simple rules and walla, a hard-to-crack password that is easy to remember.

-Jay 

I created a fairly complex mental 'algorithm' to generate passwords. With it I create unique, complex passwords for each use. The 'algorithm' exists only in my head and it would be nearly impossible to recreate it from a single password.
-Glenn

Managing passwords in a secure way can be a real challenge, as you point out in blog post. We've found a solution that works for us in Secret Server, an enterprise password management software solution from Thycotic Software. We like it because passwords are stored in an encrypted database and it assists in creating and managing password access levels for administrators with different authority levels. And you can audit password views so you always know who has accessed which passwords.
-Dan

Share your thoughts with the editors of this newsletter! Write to dbarney@redmondmag.com. Letters printed in this newsletter may be edited for length and clarity, and will be credited by first name only (we do NOT print last names or e-mail addresses).

Posted by Doug Barney on 03/19/2012 at 1:19 PM


Featured

  • RAMBleed Side-Channel Attack Method Disclosed by Researchers

    Academic researchers this week published information about another side-channel attack method, called "RAMBleed," that can expose information from memory chips, including encryption key information.

  • Penguin

    Windows 10 Preview Build 18917 Shows Off New Linux Integration

    Microsoft's latest Windows 10 "fast-ring" preview release is showcasing a coming Delivery Optimization enhancement, along with the ability to try the newly emerged Windows Subsystem for Linux version 2.

  • Customizing Microsoft Office 365

    While the overall look and feel of Office 365 is pretty standard across organizations, there are several ways to personalize it and make it fit better with your company's specific needs.

  • Microsoft 365 Business Tenants Getting Conditional Access and Trouble-Ticket Features

    Microsoft added its conditional access security service to Microsoft 365 Business subscriptions, according to a Wednesday announcement, and it also added new trouble-ticket features for Microsoft 365 administrators.

comments powered by Disqus

Office 365 Watch

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.