Unforgettable passwords

By J. Carlton Collins, CPA

Q. What are the minimum criteria for creating a strong password?

A. Microsoft provides a Password Checker website, where you can enter the password to check its strength, an example of which is pictured below.

techqa10


To achieve the maximum strength, Microsoft’s password checker requires at least 14 characters containing at least one of each of the following types of characters: an uppercase letter, a lowercase letter, a number, and a special character. As added security, most experts also recommend that passwords not contain your username, real name, company name, or complete words; that each password be unique; and that all passwords be significantly different from previous passwords.

Because the above rules result in a bevy of passwords that are difficult to remember, I use a different approach that you may want to consider. All of my passwords start with the same lengthy prefix, such as a childhood telephone number, for example, 9126364242 (this is not the actual prefix I use). Next, my passwords all include the name of the account, such as Delta, Amazon, or AICPA. Finally, each of my passwords ends with a four-digit personal identification number (PIN). The results are strong lengthy passwords that I have a good chance of remembering, such as the examples shown below (which are not my actual passwords):

Delta account password:      9126364242delta7543

Amazon account password: 9126364242amazon9312

AICPA account password:    9126364242aicpa2209

Using this approach, the bold PINs are all I need to remember, and because hackers don’t know the actual lengthy prefix I use, these passwords are very strong. With 263 active passwords on my list, this structured approach gives me a fighting chance of remembering many of them. Because uppercase and special characters are more difficult characters to type (especially on a smartphone device), I avoid these types of characters unless they are required. 

J. Carlton Collins is a technology consultant, a CPE instructor, and a JofA contributing editor.

Note: Instructions for Microsoft Office in “Technology Q&A” refer to the 2013, 2010, and 2007 versions, unless otherwise specified.

Submit a question

Do you have technology questions for this column? Or, after reading an answer, do you have a better solution? Send them to jofatech@aicpa.org. We regret being unable to individually answer all submitted questions.

SPONSORED REPORT

Keeping client information safe in an age of scams and security threats

A look at the Dirty Dozen tax scams and ways to protect taxpayer information.

TAX PRACTICE CORNER

More R&D tax help

"Can I use the R&D credit?" PATH Act enhancements make the credit more attractive to a wider range of taxpayers.

QUIZ

News quiz: Tax-related data breach explained

News about a data breach that affected about 100,000 people, the IRS’s budget for the fiscal year, and the 2018 health spending account limits received attention recently. See how much you know with this short quiz.