Today’s headlines are full of security breaches and the penalties are steep. You can lock the doors to your office but how do you lock up your data? With mobile access and cloud computing your data can be available anywhere. Passwords are the only barrier to unauthorized access and should protect every workstation and every data application on the workstation.
You wouldn’t lock your office with a skeleton key so you shouldn’t lock your data with simple passwords. The best ones are lone, complex, and look incomprehensible, which are difficult to remember especially when changed often. Passwords should be at least 8 characters long with a mix of uppercase, lowercase, numerals, and special characters. Never use personal information or words found in the dictionary and don’t use the same passwords for less secure sites (e.g. shopping) as you do for more secure ones (e.g. your electronic health records [EHR]).
To make them complex but memorable use a few of these tips together: Combine two or more “keywords” as a base, or generate keywords by making a mnemonic from a phrase or sentence, such a ftybr for “follow the yellow brick road”. Make some of the letters uppercase, and substitute special characters for letters such as @ for a, ! for 1, or $ for s. Use the buttons on your phone to convert some of the letters into digits such as 8 for T, U, or V. You can include a special date but put some of the digits at the beginning and some at the end.
Now that you have strong passwords, protect them! Never write them, share them, or save them on your computer.