{"id":1412,"date":"2017-03-29T19:45:39","date_gmt":"2017-03-29T19:45:39","guid":{"rendered":"http:\/\/www.velocitymicro.com\/blog\/?p=1412"},"modified":"2020-07-07T16:53:37","modified_gmt":"2020-07-07T16:53:37","slug":"web-security-password-best-practices","status":"publish","type":"post","link":"https:\/\/www.velocitymicro.com\/blog\/web-security-password-best-practices\/","title":{"rendered":"Web Security and Password Best Practices"},"content":{"rendered":"

<\/h2>\n

Time for a password refresh!<\/strong><\/h2>\n

Within the past two weeks, over 1 million decrypted passwords<\/a> for some of the most popular mail and social media sites have been placed for sale on the Deep Web.\u00a0 What this means for you is that there is a chance that your information is unknowingly available for sale.\u00a0 A few of the sites involved in this data sale include gMail, Yahoo, LinkedIn, Tumblr, and Last.FM.<\/p>\n

\"PasswordAn Australian security researcher has instituted a Website to allow you to see if any of your eMail accounts or usernames have been involved in a breach incident.\u00a0 This site can be found at https:\/\/haveibeenpwned.com\/<\/a><\/p>\n

It is very simple to mitigate the threat associated with a password leak; log into your account and change your password.\u00a0 However, careful thought should go into setting up your password and considerations should be made if you use the same password across multiple sites.\u00a0 If you reuse your passwords across multiple sites, then from a security standpoint, all of the passwords should be changed as it is not unusual for attackers to attempt the same credentials gained in a breach across various services.\u00a0 As for setting up your password, simple is not always better.\u00a0 Nonetheless, overcomplexity in password design just makes it more difficult for you to access your account.\u00a0 A strong balance between security and usability is necessary, as if your password makes it more difficult for you to remember, and in turn slows down the access of your account, then it is not a good fit.<\/p>\n

If your password contains an actual word, it can often be cracked quickly.\u00a0 The best recommendation is to use long passwords with a mix of Upper Case, Lower Case, Numbers, and special characters.\u00a0 While previously the recommendation was 8 characters as a minimum, current technology using advanced hardware and software<\/a> can effectively determine shorter passwords quickly. Currently, from a security standpoint, the use of 10 characters or more is not uncommon, but the question is frequently how does one remember a password of that length.<\/p>\n

Password Strategies<\/strong><\/h2>\n

Passwords do not need to look like I4t3|<4(3!, and can frequently be made more secure while creating them in a method can be readily remembered.\u00a0 For example, if your name is Cathy Smith, you certainly would not want to use the password of Cathysmith; however, you could, effectively use number and character substitution, or munging<\/a> to make your password that simple. Using substitution, your password could be C@hySm1th! and have a greater chance of surviving a password based attack. An additional consideration is the frequency in which you change your password. Depending on the sensitivity of your data, changing your password between 60 and 90 days would assist in further protecting your information.<\/p>\n

Password Managers<\/strong><\/h2>\n

Though previously, we had made recommendations that users utilize password managers to remember complex passwords, they too have unfortunately been breached due to weaker than expected security. Based on a recent article from TWCN<\/a>, a key component used by many popular password manager applications possessed a security weakness, meaning your passwords were saved in a format that was easily reversible. While it is apparent that the password managers have fixed the issue<\/a> now that the weakness has been discovered, it would be advantageous, for those of you using password managers before March 1, 2017, to change your passwords as soon as possible, as historic information has the potential to be compromised.<\/p>\n","protected":false},"excerpt":{"rendered":"

Time for a password refresh! Within the past two weeks, over 1 million decrypted passwords for some of the most…<\/p>\n","protected":false},"author":6,"featured_media":2609,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":[],"categories":[21],"tags":[],"yoast_head":"\r\nWeb Security and Password Best Practices | Velocity Micro<\/title>\r\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\r\n<link rel=\"canonical\" href=\"https:\/\/www.velocitymicro.com\/blog\/web-security-password-best-practices\/\" \/>\r\n<meta property=\"og:locale\" content=\"en_US\" \/>\r\n<meta property=\"og:type\" content=\"article\" \/>\r\n<meta property=\"og:title\" content=\"Web Security and Password Best Practices | Velocity Micro\" \/>\r\n<meta property=\"og:description\" content=\"Time for a password refresh! Within the past two weeks, over 1 million decrypted passwords for some of the most…\" \/>\r\n<meta property=\"og:url\" content=\"https:\/\/www.velocitymicro.com\/blog\/web-security-password-best-practices\/\" \/>\r\n<meta property=\"og:site_name\" content=\"Custom Gaming & Workstation PC Blog | Velocity Micro\" \/>\r\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/VelocityMicro\/\" \/>\r\n<meta property=\"article:published_time\" content=\"2017-03-29T19:45:39+00:00\" \/>\r\n<meta property=\"article:modified_time\" content=\"2020-07-07T16:53:37+00:00\" \/>\r\n<meta property=\"og:image\" content=\"http:\/\/www.velocitymicro.com\/images\/upload\/password.jpg\" \/>\r\n<meta name=\"author\" content=\"Robert Rife\" \/>\r\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Robert Rife\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\r\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.velocitymicro.com\/blog\/web-security-password-best-practices\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.velocitymicro.com\/blog\/web-security-password-best-practices\/\"},\"author\":{\"name\":\"Robert Rife\",\"@id\":\"https:\/\/www.velocitymicro.com\/blog\/#\/schema\/person\/40ef1b2d57be7934fa77d9512631315b\"},\"headline\":\"Web Security and Password Best Practices\",\"datePublished\":\"2017-03-29T19:45:39+00:00\",\"dateModified\":\"2020-07-07T16:53:37+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.velocitymicro.com\/blog\/web-security-password-best-practices\/\"},\"wordCount\":574,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/www.velocitymicro.com\/blog\/#organization\"},\"articleSection\":[\"PC News\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/www.velocitymicro.com\/blog\/web-security-password-best-practices\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.velocitymicro.com\/blog\/web-security-password-best-practices\/\",\"url\":\"https:\/\/www.velocitymicro.com\/blog\/web-security-password-best-practices\/\",\"name\":\"Web Security and Password Best Practices | Velocity Micro\",\"isPartOf\":{\"@id\":\"https:\/\/www.velocitymicro.com\/blog\/#website\"},\"datePublished\":\"2017-03-29T19:45:39+00:00\",\"dateModified\":\"2020-07-07T16:53:37+00:00\",\"breadcrumb\":{\"@id\":\"https:\/\/www.velocitymicro.com\/blog\/web-security-password-best-practices\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.velocitymicro.com\/blog\/web-security-password-best-practices\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.velocitymicro.com\/blog\/web-security-password-best-practices\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.velocitymicro.com\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Web Security and Password Best Practices\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.velocitymicro.com\/blog\/#website\",\"url\":\"https:\/\/www.velocitymicro.com\/blog\/\",\"name\":\"Custom Gaming & Workstation PC Blog | Velocity Micro\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\/\/www.velocitymicro.com\/blog\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.velocitymicro.com\/blog\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.velocitymicro.com\/blog\/#organization\",\"name\":\"Velocity Micro\",\"url\":\"https:\/\/www.velocitymicro.com\/blog\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.velocitymicro.com\/blog\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.velocitymicro.com\/blog\/wp-content\/uploads\/2022\/11\/VMLogo_Black-HD.png\",\"contentUrl\":\"https:\/\/www.velocitymicro.com\/blog\/wp-content\/uploads\/2022\/11\/VMLogo_Black-HD.png\",\"width\":2229,\"height\":420,\"caption\":\"Velocity Micro\"},\"image\":{\"@id\":\"https:\/\/www.velocitymicro.com\/blog\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/VelocityMicro\/\",\"https:\/\/twitter.com\/VelocityMicro\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.velocitymicro.com\/blog\/#\/schema\/person\/40ef1b2d57be7934fa77d9512631315b\",\"name\":\"Robert Rife\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.velocitymicro.com\/blog\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/747a1a3d51e2bd82c9b33799f3266e1d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/747a1a3d51e2bd82c9b33799f3266e1d?s=96&d=mm&r=g\",\"caption\":\"Robert Rife\"},\"description\":\"Robert Rife is Chief Engineer at Velocity Micro. A twenty-five year I.T. veteran with deep experience in process optimization, computer manufacturing, and physical\/electronic security, Robert understands financial ramifications of technical decisions and is able to readily translate business needs to technology solutions. Since originally joining Velocity Micro in 2006, has held multiple positions ranging from desktop support to production and on to advanced engineering. Robert holds many degrees including an MBA specializing in IT Management, Masters of Science in Information Security Assurance, and a Masters of Education in Curriculum Design. He is currently in his third year of a Doctorate of Science program focusing on Information Security. He also holds over 50 industry certifications and was awarded an Information Security Professional and Management certificate from the Committee on National Security Systems.\",\"url\":\"https:\/\/www.velocitymicro.com\/blog\/author\/vmrife\/\"}]}<\/script>\r\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Web Security and Password Best Practices | Velocity Micro","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.velocitymicro.com\/blog\/web-security-password-best-practices\/","og_locale":"en_US","og_type":"article","og_title":"Web Security and Password Best Practices | Velocity Micro","og_description":"Time for a password refresh! Within the past two weeks, over 1 million decrypted passwords for some of the most…","og_url":"https:\/\/www.velocitymicro.com\/blog\/web-security-password-best-practices\/","og_site_name":"Custom Gaming & Workstation PC Blog | Velocity Micro","article_publisher":"https:\/\/www.facebook.com\/VelocityMicro\/","article_published_time":"2017-03-29T19:45:39+00:00","article_modified_time":"2020-07-07T16:53:37+00:00","og_image":[{"url":"http:\/\/www.velocitymicro.com\/images\/upload\/password.jpg"}],"author":"Robert Rife","twitter_misc":{"Written by":"Robert Rife","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.velocitymicro.com\/blog\/web-security-password-best-practices\/#article","isPartOf":{"@id":"https:\/\/www.velocitymicro.com\/blog\/web-security-password-best-practices\/"},"author":{"name":"Robert Rife","@id":"https:\/\/www.velocitymicro.com\/blog\/#\/schema\/person\/40ef1b2d57be7934fa77d9512631315b"},"headline":"Web Security and Password Best Practices","datePublished":"2017-03-29T19:45:39+00:00","dateModified":"2020-07-07T16:53:37+00:00","mainEntityOfPage":{"@id":"https:\/\/www.velocitymicro.com\/blog\/web-security-password-best-practices\/"},"wordCount":574,"commentCount":0,"publisher":{"@id":"https:\/\/www.velocitymicro.com\/blog\/#organization"},"articleSection":["PC News"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.velocitymicro.com\/blog\/web-security-password-best-practices\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.velocitymicro.com\/blog\/web-security-password-best-practices\/","url":"https:\/\/www.velocitymicro.com\/blog\/web-security-password-best-practices\/","name":"Web Security and Password Best Practices | Velocity Micro","isPartOf":{"@id":"https:\/\/www.velocitymicro.com\/blog\/#website"},"datePublished":"2017-03-29T19:45:39+00:00","dateModified":"2020-07-07T16:53:37+00:00","breadcrumb":{"@id":"https:\/\/www.velocitymicro.com\/blog\/web-security-password-best-practices\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.velocitymicro.com\/blog\/web-security-password-best-practices\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.velocitymicro.com\/blog\/web-security-password-best-practices\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.velocitymicro.com\/blog\/"},{"@type":"ListItem","position":2,"name":"Web Security and Password Best Practices"}]},{"@type":"WebSite","@id":"https:\/\/www.velocitymicro.com\/blog\/#website","url":"https:\/\/www.velocitymicro.com\/blog\/","name":"Custom Gaming & Workstation PC Blog | Velocity Micro","description":"","publisher":{"@id":"https:\/\/www.velocitymicro.com\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.velocitymicro.com\/blog\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.velocitymicro.com\/blog\/#organization","name":"Velocity Micro","url":"https:\/\/www.velocitymicro.com\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.velocitymicro.com\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.velocitymicro.com\/blog\/wp-content\/uploads\/2022\/11\/VMLogo_Black-HD.png","contentUrl":"https:\/\/www.velocitymicro.com\/blog\/wp-content\/uploads\/2022\/11\/VMLogo_Black-HD.png","width":2229,"height":420,"caption":"Velocity Micro"},"image":{"@id":"https:\/\/www.velocitymicro.com\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/VelocityMicro\/","https:\/\/twitter.com\/VelocityMicro"]},{"@type":"Person","@id":"https:\/\/www.velocitymicro.com\/blog\/#\/schema\/person\/40ef1b2d57be7934fa77d9512631315b","name":"Robert Rife","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.velocitymicro.com\/blog\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/747a1a3d51e2bd82c9b33799f3266e1d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/747a1a3d51e2bd82c9b33799f3266e1d?s=96&d=mm&r=g","caption":"Robert Rife"},"description":"Robert Rife is Chief Engineer at Velocity Micro. A twenty-five year I.T. veteran with deep experience in process optimization, computer manufacturing, and physical\/electronic security, Robert understands financial ramifications of technical decisions and is able to readily translate business needs to technology solutions. Since originally joining Velocity Micro in 2006, has held multiple positions ranging from desktop support to production and on to advanced engineering. Robert holds many degrees including an MBA specializing in IT Management, Masters of Science in Information Security Assurance, and a Masters of Education in Curriculum Design. He is currently in his third year of a Doctorate of Science program focusing on Information Security. He also holds over 50 industry certifications and was awarded an Information Security Professional and Management certificate from the Committee on National Security Systems.","url":"https:\/\/www.velocitymicro.com\/blog\/author\/vmrife\/"}]}},"_links":{"self":[{"href":"https:\/\/www.velocitymicro.com\/blog\/wp-json\/wp\/v2\/posts\/1412"}],"collection":[{"href":"https:\/\/www.velocitymicro.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.velocitymicro.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.velocitymicro.com\/blog\/wp-json\/wp\/v2\/users\/6"}],"replies":[{"embeddable":true,"href":"https:\/\/www.velocitymicro.com\/blog\/wp-json\/wp\/v2\/comments?post=1412"}],"version-history":[{"count":6,"href":"https:\/\/www.velocitymicro.com\/blog\/wp-json\/wp\/v2\/posts\/1412\/revisions"}],"predecessor-version":[{"id":1704,"href":"https:\/\/www.velocitymicro.com\/blog\/wp-json\/wp\/v2\/posts\/1412\/revisions\/1704"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.velocitymicro.com\/blog\/wp-json\/wp\/v2\/media\/2609"}],"wp:attachment":[{"href":"https:\/\/www.velocitymicro.com\/blog\/wp-json\/wp\/v2\/media?parent=1412"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.velocitymicro.com\/blog\/wp-json\/wp\/v2\/categories?post=1412"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.velocitymicro.com\/blog\/wp-json\/wp\/v2\/tags?post=1412"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}