Barney's Blog

Blog archive

Doug's Mailbag: What's Your Password Strategy?

Readers share some tips on strengthening password security:

As I set up routers or servers, a password that I always use is simple, effective and easy to remember. Here is my algorithm:

Lets say the router is at the following address:
123 Noplace Lane
Missoula, MT 59808.

The password for the router would be:
!@#N0pl@c3l@n3%(*)* 
123noplacelane59808 


As you can see we have special characters, uppercase letters, lowercase letters and its not a word that could be found in a dictionary or brute force attack. Numbers are simply typed in using the shift key while entering them in to grab the special characters. The first letter of the street is capitalized, letter 'o' is always changed to a zero, 'e' is always changed to a '3' and 'a' is always changed to an '@.'


The client just follows those simple rules and walla, a hard-to-crack password that is easy to remember.

-Jay 

I created a fairly complex mental 'algorithm' to generate passwords. With it I create unique, complex passwords for each use. The 'algorithm' exists only in my head and it would be nearly impossible to recreate it from a single password.
-Glenn

Managing passwords in a secure way can be a real challenge, as you point out in blog post. We've found a solution that works for us in Secret Server, an enterprise password management software solution from Thycotic Software. We like it because passwords are stored in an encrypted database and it assists in creating and managing password access levels for administrators with different authority levels. And you can audit password views so you always know who has accessed which passwords.
-Dan

Share your thoughts with the editors of this newsletter! Write to dbarney@redmondmag.com. Letters printed in this newsletter may be edited for length and clarity, and will be credited by first name only (we do NOT print last names or e-mail addresses).

Posted by Doug Barney on 03/19/2012 at 1:19 PM


Featured

  • Microsoft Defender ATP Gets macOS Investigation Support

    The endpoint and detection response (EDR) feature in Microsoft Defender Advanced Threat Protection (ATP) has reached the "general availability" stage for macOS devices.

  • How To Block Self-Service Purchasing in Microsoft's Power Platform

    Microsoft threw Office 365 admins a bone when it gave them the ability to block users from purchasing Power Platform tools without IT approval. Here's how to prevent total anarchy.

  • Azure DevOps Services Losing Support for Alternate Credentials

    Microsoft gave notice last week that it's going to drop Alternate Credentials support for authenticating users of its Azure DevOps Services.

  • Microsoft Endpoint Configuration Manager Update 1910 Released

    Microsoft announced last week that it is starting to deliver Update 1910 for Microsoft Endpoint Configuration Manager users.

comments powered by Disqus

Office 365 Watch

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.