As I set up routers or servers, a password that I always use is simple, effective and easy to remember. Here is my algorithm:
Lets say the router is at the following address:
123 Noplace Lane
Missoula, MT 59808.
The password for the router would be:
As you can see we have special characters, uppercase letters, lowercase letters and its not a word that could be found in a dictionary or brute force attack. Numbers are simply typed in using the shift key while entering them in to grab the special characters. The first letter of the street is capitalized, letter 'o' is always changed to a zero, 'e' is always changed to a '3' and 'a' is always changed to an '@.'
The client just follows those simple rules and walla, a hard-to-crack password that is easy to remember.
I created a fairly complex mental 'algorithm' to generate passwords. With it I create unique, complex passwords for each use. The 'algorithm' exists only in my head and it would be nearly impossible to recreate it from a single password.
Managing passwords in a secure way can be a real challenge, as you point out in blog post. We've found a solution that works for us in Secret Server, an enterprise password management software solution from Thycotic Software. We like it because passwords are stored in an encrypted database and it assists in creating and managing password access levels for administrators with different authority levels. And you can audit password views so you always know who has accessed which passwords.
Share your thoughts with the editors of this newsletter! Write to firstname.lastname@example.org. Letters printed in this newsletter may be edited for length and clarity, and will be credited by first name only (we do NOT print last names or e-mail addresses).