toggle menu

Good Practices

1 Good Password Practice

This is the first in a series of good practices that you can follow for safe and secure computing, and more importantly to secure your online presence.

Passwords are like keys to our house, they provide access to our devices, online accounts and the information contained on those devices and accounts. From online shopping, webmail, social networks and others – passwords are sometimes the only protection we have for these accounts. It is therefore important to follow good practices in creating and managing our passwords:

Use strong passwords

  • Consider using “pass phrases” in place of “passwords”.
  • Always use passwords with eight or more characters, the longer the better
  • Use a combination of alphanumeric keys preferably with a combination of upper case and lower case letters, numbers and special characters ($, ?, &, +, etc.)
  • Do not use dictionary words
  • Do not use personal information (e.g. name, birthday, etc.) as your password or as part of your passwords

Use multiple passwords

  • Do not use the same password for different accounts
  • Use different passwords for different devices and different services (e.g. MSN, Google, Apple, Facebook, etc.).
  • Using the same password for many accounts can easily put all your online accounts at risk if one of the sites are hacked or if your password is stolen.

Change passwords periodically/regularly

  • Change your passwords every few months, or monthly if possible.
  • Note that changing a password is quick and easy compared to the effort and pain of controlling or managing the damage and aftermath of identity theft

Consider using a password management system

  • Do not write your password on sticky notes and post them on your screen.
  • Find a reputable and trustworthy password management program, use it and make sure that it is always up-to-date.

Don’t share passwords

  • Do not, under any circumstance, share your password with anyone. Even if the person you trusted with your password did not intentionally use your password for malicious or ill-intent, an erroneous or careless handling or use of your password may result in irreparable damage.