Iowa State University

ITInformation Technology

What you need to know about passwords

This blog entry expired September 11, 2017. It may contain out-of-date information.

Passwords are not a new concept, but keeping up with the varying rules and requirements can make them seem like it. Passwords are used to keep information secure by identifying users and protecting accounts. Due to the growing number of passwords people have to remember, password strength is decreasing making them susceptible to cyber criminals. Quality passwords reduce the chance of cyber criminals gaining access to, and control of, your accounts. Here are some basic tips for managing quality passwords:

  • Create strong passwords
  • Have a unique password for every account
  • Never write passwords down
  • Do not share passwords with anyone
  • Change passwords often

A quality password isn’t the only thing that is important when it comes to passwords. The ability to change a password can be almost equally important. Hackers can gain access to an account protected by a quality password through security questions or a password reset function. If the password reset function for your account is a security question asking about the town you grew up in, a hacker could search the web (including social media sites) and easily find the answer. This gives a hacker access to your account, and the ability to change the password to the account and lock you out.

This does not mean that security questions should not be used, it means one should be cautious when selecting the questions and answers used to protect your accounts. Generally, when using security questions – do not use an answer that could be guessed or easily found through a web search, when in doubt make up an answer; security questions don't have to be answered truthfully.  

While there isn't a foolproof solution to combat cyber crime, having quality passwords and security questions act as a great defense.