Should a password be long and complicated, requiring it to be written down to remember it? Or should a password be easy to remember, easy enough that you don’t have to write it down?
Complex passwords – ones with lots of random numbers, punctuation, and letters are the best. And gone are the days when you need to take those complex passwords, write them on a notepad, and….tape it to the bottom of your keyboard. (Which has its own security vulnerabilities, particularly in an era where insider threats are one of the greatest industry threats). Today, a variety of password tools will develop complex passwords and remember them for you. This is the better option, particularly in comparison to creating a password that’s easy to remember – like Password123.
In addition, you also want to take care when selecting questions for “password reminders”. Gov. Sarah Palin’s Yahoo email was accessed unauthorized, showing the vulnerability of personal email, especially for public figures. It really wasn’t a “hack”, because it just required some research and guessing. Usually, a user has to answer a question they wrote and that they can only answer to get their password. Well, if you’re making headlines in the media? Googling “where did Palin meet her husband” will return enough answers.