Good Passwords

I am often asked what makes a good password, and my answer is the same every time: The best passwords are the ones that neither a person nor a computer would ever be able to guess.
Good passwords are important here, as a breach could mean someone from the outside stealing trade secrets and intellectual property — even if it’s not the assets themselves but emails and calendar events that reference them. I’ve worked with a few vendors and agencies that are comfortable sharing their passwords, which allows us to exchange artwork for projects. Yet, by giving me their level of access, they are probably giving me too much access. That doesn’t fly at Go East.
Secure passwords are just as important for employees that have limited access. If hackers gain privileges to a company directory or internal procedures, it could help them gain control of another account with higher access.
For many agencies, and small- to mid-sized organizations that don’t have large IT departments, this kind of organization-wide security is often overlooked, but when you’re working with Fortune 500 companies, your security needs to be just as good as their security.
I think one of the least secure aspects of online accounts is the use of “security questions” in addition to your password. Yesterday I was quoted by WCCO’s Jason DeRusha on his “Good Question” segment:
Aaron Landry, IT Manager for Go East in St. Paul, said “I argue that those ’security questions’ actually make accounts less secure. I mean, what’s the point of having a super secure password if all you need to know is someone’s birth date, the name of their dog and their mother’s maiden name?”
He also suggests making up answers to those questions.
Landry has several password tips he said he shares with his company’s employees.
“A good way to make passwords is to mix two separate things together. For example, use your spouse’s middle name spelled backwards with your zip code — or your child’s birth date mixed with the street you grew up on,” he suggested.
Also, “Avoid using dictionary words — try swapping out some of the letters with numbers.”
DeRusha interviews others with good advice as well.
One last bit of advice: The best passwords are completely random strings of letters and numbers, which most people are able to memorize in a couple days … oh yeah, and don’t tell anyone what your password is!


This summer, the Minnesota Department of Public Safety 
