Welcome to my October 2019 refresher series in honor of this year’s National Cyber Security Awareness Month. Last year’s five-part series went over well, so I wanted to revisit what I see as the three most commonly overlooked aspects of cybersecurity from the home and end-user perspectives; 

• Passwords, how we come up with them and how we store them 

• Updates, when to check for them and how to apply them 

• Netiquette, what to do, and what not to do on the open Internet 

This week, I’d like to focus on passwords. When it comes to passwords, there are two major factors in keeping your personal information safe, how you come up with your password, and how you store it. Ideally the answer to the last question, i.e. how you store it, is mentally so you don’t need to write it down anywhere. It’s no surprise that merely writing your password on a sticky note attached to your monitor is not a secure way of storing it. If you simply must write a password down, be sure to keep it under lock and key in a drawer, or other safe-style enclosure with a combination lock. 

Almost as important as where you’d store your password in written form, is how you come up with your passwords. In addition to needing a password for every service and website you count on, you should also be creating complex passwords unique to each provider. There are both applications and websites that help users to come up with random passwords. I can’t be the only one asking myself, “How am I we supposed to come up with good passwords that meet the complexity requirements of both personal and business-oriented services?” Lucky for all of us, that’s where my top 3 password generator websites can give us a hand… 

1. Avast’s Random Password Generator – My favorite by far due to conforming automatically to all the above and defaulting to a 15-character password at that. If needed, there’s even a check-box on the page to have it include special characters. 
    

1. Norton’s Password Generator – A close second, where just opening the page will provide you with a suitably secure and complex password. I tend to trust that the big players, like Avast above, and Norton here aren’t storing the values the generate for us. 
    

1. Random Word Generator’s Random Password Generator – A decent third, though admittedly not a name-brand like the first two, this one defaults to a comfortable eight characters and includes special characters. Just as with the top two, merely opening the page will provide an excellent pseudorandom password string for use in just about any application. 

All my favorite sites specify inputs as to how many characters the passwords should be, whether to include upper case, lower case, numbers, and special characters, and even password strength indicators. In order to pass muster, passwords shouldn’t contain or even hint at words that are commonly found in dictionaries. Seemingly random strings of characters are considered our best option to prevent brute force entry or dictionary attacks. 

Aside from picking a secure password, whether you use one of my top three sites or come up with your own, one final word of warning is never reuse passwords across services. Don’t use the same password to access your bank account as you use to get into your email. If your email provider were to get hacked and user passwords are exposed, which has happened before and will happen again, then any other accounts registered with that email and password combination are also in danger. Don’t fall into complacency, protect your information, and talk to your family about how they password-protect their data as well.