We’re all adults here, and can therefore unanimously agree that pretending is rad. Sometimes I like to pretend I’m a 7-foot tall robot that can punch utility vehicles to pieces. Other times, I like to pretend I’m a spy. The spy mindset can be taken to work at FSB in a manner most effective when you apply it to your password security.
Let’s pretend you’re the Good Spy this time, and I’m the…Bad Spy. I’ve been following you for some time now. Please don’t hit me with a restraining order, this is hypothetical. I know where you go and when you go there, I know about your pets, family members, and hobbies. I may even notice where you keep your notepad and other note-like documents. I’ve gone through your trash (I’m really serious about the restraining order thing) and figured out birthdays, anniversaries, even some financial data. I could take your wallet/pocketbook/man-purse from you at any time. Your password to your computer at Her Majesty’s Secret Service could be my key to information that could destroy the world or make my boss a very rich man.
While it’s not at all healthy to be this paranoid, it’s good to think this way when it comes to any of your passwords that might restrict access to sensitive data. Everyone has sensitive and personal data that if it fell into the wrong hands could lead to a very bad time for you. I’m very familiar with many of your feelings on password policies — there are so many different ones, how can you keep it all straight?! But it’s important to remember how much damage the data could do in the wrong hands. If it can make the process a little more fun, the next time you need to change your password in any system, pretend you’re the Good Spy again.
Try to avoid using any passwords containing info that I, the Bad Spy, could guess from having followed you for so long. Definitely avoid writing your password down, lest I snatch that note in a spy-like fashion as soon as you look the other way. If using the name of a pet or loved one can help you remember the password, replace certain letters with numbers or special characters so I’ll get locked out before I can guess the exact characters to use. Scatter numbers of birthdates and anniversaries around inside of a password. For example, my birthday is 08/12, and my cat’s name is Millie. A password like Millie0812 or 0812Millie is an easy one. A password like that would have me accessing your computer and laughing maniacally as lightning cracks the stormy sky in the background. But a password like 12Mi11i308 would take me more guesses to figure out, and probably get me locked out and tackled by the gentle folk from Security. An added bonus of making your password more complex via numbers and special characters is that it would make it harder for my Super Spy Pocket Computer to crack the code. With a complex enough combination of numbers, letters, and special characters, it could take BILLIONS of years for even the most powerful computers to crack your password. BILLIONS!
It really pays to use your imagination. The ability to imagine is part of what makes us human, and can also be pretty cool if you’re trying to squeeze some enjoyment out of something as grating and nerve-wracking as suddenly having to come up with (and remember) a brand new password. That process is protecting the sensitive data that could destroy your world in the wrong hands. That should be motivation enough to get you pretending along with me.
Thanks very much for reading! Now, if you’ll excuse me, that bulldozer just cut eyes at me…
Blog submitted by: Tommy Cahoon, IT Specialist