Passwords – Fact Sheet

Why do I need complex, unique and long passwords – I can’t remember all of them.

Passwords are the bane of our digital existence.   Everywhere we go we need a new one.

Passwords have to be complex, unique and more than 8 characters.

Password Fact SheetHow the hell am I going to do that?

Those features are important because of the way the digital world has changed.   The cybercriminals are clever, persistent and patient and we are now only discovering how really annoying they can be.   The dynamics of the Internet / digital world have changed in the last 5 years becoming a darker and more dangerous place.

Passwords use to be important for simple websites like banks, email and to access computers at work.   That has changed with the uptake of social media, and every website you go to get information asking for your email address (user name) and a password.

Most people are in the habit of using the same user name and password combination for every site they go to, or they have a limited number that they use.

Why is this bad?

To simplify it, it is bad because of a number of reasons:

Let’s say you have an account on 3 web sites,

  • Your business cloud login- joe@somewhere.com xyz098@
  • Facebook – joe@somewhere.com xyz098@
  • Some non-descript web site that you downloaded an eBook from ebooks.com – joe@somewhere.com xyz123@

Now ebooks.com gets hacked and the hacker steals the user database and sells it to the hacker community.    It takes ebooks.com 6 months to find out it has happened.

Your normal username and password is now in the hands of the criminals.   They add your username combination to their automated systems and the automated systems then ping the digital world at more than 1 million destinations an hour.   When they get a successful log on, the combination goes up the line to the real hackers and now they have access to your Facebook and business.

Not a good situation to be in!

How do you create complex passwords that are unique for each site and longer than 8 characters?

Here’s how!

  • Pick a phrase – I only work on Tuesdays and Thursdays or every Saturday I play golf or tomorrow is going to be a good day. – any phrase with 5 or more words
  • I will use “every Saturday I play golf”
  • Use the starting letter of each word – esipg
  • Add a symbol to the beginning and end, change the I into a 1 and put a couple of capitals in there
  • @Es1pG!
  • This is your base password
  • Use the base password for everything you need.
    • Work cloud based password = @Es1pG!work
    • Facebook = @Es1pG!face
    • EBooks = @Es1pG!ebooks

You can write your password phrase down so that you can remember it and no one will understand what it is for.

There you have it, easy to remember, complex, unique and more than 8 characters long passwords.

Download PDF of this article – for distribution to your users

Roger Smith is the CEO of R & I ICT Consulting Services, Amazon #1 selling author on Cybercrime, author of the Digital Security Toolbox and author of the SME Digital Security Framework.   He is a Speaker, Author, Teacher and educator on cybercrime and how to protect yourself from the digital world.

Roger Smith, is an educator. Teaching students at ADFA (UNSW) and showing them how vulnerable they are to cybercrime.

He is also CEO at R & I ICT Consulting Services Pty Ltd, an Amazon #1 author on Cybercrime and founder of the SME Security Framework. He is a Consultant who specialises in inexpensive and highly effective security strategies for small and medium businesses and not for profit organisations.

He has developed and authored the SME Security Framework and the Security Policy Training Course which are considered to be the definitive guides to helping SME's protect their organisation using the principles of Technology, Management, Adaptability and Compliance.