Best Practices for Password Security

In most cases, your password is the only thing standing between your server and all of its treasures, and the horde of violent hackers waiting to rip it to pieces.  Your password is your safeguard.  Without it, you have no access, and if it falls into the wrong hands, you are deep trouble.

There are several steps you can take to make sure your password is as secure and safe as possible.  Follow them, and you will have one less security concern for your dedicated server.

1. Make your password something you can remember but difficult for others to guess.   That means you should avoid things like your birthday or your dog’s name, information anyone can pick up from Facebook.  “password” is not a good password.

2.  Use at least 8 characters.  Some authentication systems will ask for entire pass phrases, but at least 8 characters is usually enough.

3. Mix letters, numbers, uppercase, lowercase, and even symbols when possible.  yw9nL7N is much stronger than butter77.

4. Avoid dictionary words (like butter) because many brute force attacks are designed to guess them.

5. Use a unique password.  The password for your server should not also log you into World of Warcraft.  You are just asking for trouble.

6. Do not share your password.  This is common sense.  If necessary, you can create a special user to give someone limited access to the server, but then remove that user when the person is finished.

7. Enforce strong passwords.  Not only should your password be strong, but any other user or client on your server should have strong passwords too.  Do not just recommend it.  Require it.