Dos & don'ts of managing passwords

When creating and managing your passwords, there are a number of dos and don'ts.

Dos

  • Use BOTH upper and lower-case letters.
  • Use numbers and special characters. The more randomly you place them in your password, the better.
  • Create different passwords for different accounts and applications.
  • Change your passwords every few months.
  • Keep them to yourself. Avoid giving out your password to others. Once it's out of your control, so is your security.
  • Consider using a phrase or a song title as a password. This may help you to easily remember your password. For example, "Somewhere Over the Rainbow" becomes "Sw0tR8nBO" and "Smells Like Teen Spirit" becomes "sMllsLK10nspT."
  • Use a completely unique password.

Don'ts

  • Don't use the same password for different accounts or applications. If one account is breached, the others will be at risk as well.
  • Don't use your Think password for online shopping sites or free e-mail accounts (Hotmail, Yahoo!, Gmail).
  • Don't create a password using your user name in any form (reversed, capitalized or doubled).
  • Don't use your name, Social Security number or any other personal information that could identify you. This includes the names of your pet/s friends/family, birth dates, phone numbers, license plates, car models or addresses.
  • Don't use any word found in a dictionary longer than three letters. Hackers use automated programs to crack passwords using special programs that scan for any word found in a dictionary. This includes any word spelled backwards.
  • Don't use numbers in place of letters. For example, "Password" becomes "Pa55w0rd." Dictionary programs are also equipped to combat this technique.
  • Don't create a password of keys next to one another on the keyboard (asdfghjkl) or all one letter or number (aaaaaaaa or 444444444).
  • Don't use dates to create a password (for example, AUguST2001).
  • Don't re-use any of your last 10 passwords.
  • Don't share your password with others.
  • Don't write them down and store them near your computer. It's like a key under a welcome mat. It's the first place someone might look.
  • Don't enable the "Save Password" option if prompted to do so. Pre-saved passwords will make it easy for anyone else using your computer to access your accounts.
  • Don't walk away from a shared computer without logging off. This will ensure no other users can access your accounts.
  • Don't use sample passwords given on different Web sites.