Every website, computer user and business must develop and enforce strong password policies. Proper password procedures may not alleviate your paranoia but it will help you sleep at nights.
Use complex. totally random passwords.
Let’s face it, many people use low-tech, easy to remember and easy to guess passwords. Some of the most common are the last 4 digits of their social security number, the month and date of their birth (which is often the same as their bank card PIN), the name of their favorite pet, a spouse’s name or some other memorable and thus dangerous combination of numbers and or letters.
A few years ago we consulted with a company that hired a third party to install new Cisco routers and Firewalls. The third party consultant was asked to provide VPN credentials to all ten employees who would be accessing the company network from the outside. The consultant used employee names and substituted numbers and letters and a special character for the first character. So Robert became #R0b3rt, David became #D@v1d, Samuel became !S@mv3l and Jennifer became !J3nn1ff3r. Oddly, the names of these 10 employees were also listed on the company’s website. Not good!
Passwords should be complex. Your password policy should consist of completely random passwords of varied length. Each password should contain upper and lowercase letters, numbers and special characters. We recommend that the passwords be randomly created as well.
Country IP Blocks has created this Random Password Generator for those serious about their password policies.