Unforgettable passwords

By J. Carlton Collins, CPA

Q. What are the minimum criteria for creating a strong password?

A. Microsoft provides a Password Checker website, where you can enter the password to check its strength, an example of which is pictured below.

techqa10


To achieve the maximum strength, Microsoft’s password checker requires at least 14 characters containing at least one of each of the following types of characters: an uppercase letter, a lowercase letter, a number, and a special character. As added security, most experts also recommend that passwords not contain your username, real name, company name, or complete words; that each password be unique; and that all passwords be significantly different from previous passwords.

Because the above rules result in a bevy of passwords that are difficult to remember, I use a different approach that you may want to consider. All of my passwords start with the same lengthy prefix, such as a childhood telephone number, for example, 9126364242 (this is not the actual prefix I use). Next, my passwords all include the name of the account, such as Delta, Amazon, or AICPA. Finally, each of my passwords ends with a four-digit personal identification number (PIN). The results are strong lengthy passwords that I have a good chance of remembering, such as the examples shown below (which are not my actual passwords):

Delta account password:      9126364242delta7543

Amazon account password: 9126364242amazon9312

AICPA account password:    9126364242aicpa2209

Using this approach, the bold PINs are all I need to remember, and because hackers don’t know the actual lengthy prefix I use, these passwords are very strong. With 263 active passwords on my list, this structured approach gives me a fighting chance of remembering many of them. Because uppercase and special characters are more difficult characters to type (especially on a smartphone device), I avoid these types of characters unless they are required. 

J. Carlton Collins is a technology consultant, a CPE instructor, and a JofA contributing editor.

Note: Instructions for Microsoft Office in “Technology Q&A” refer to the 2013, 2010, and 2007 versions, unless otherwise specified.

Submit a question

Do you have technology questions for this column? Or, after reading an answer, do you have a better solution? Send them to jofatech@aicpa.org. We regret being unable to individually answer all submitted questions.

SPONSORED REPORT

Cybersecurity threats proliferating for midsize and smaller businesses

This report details how SMBs can properly protect private information from breaches, design and implement a cybersecurity policy, and create safeguards for training and education.

QUIZ

Test yourself on these often confused words

The spelling checker on your word processing program can do only so much to flag problems. Your best insurance is to learn the troublesome words that trip up writers and use them correctly by the standards of formal, written English.