American Land Title Association
Home  >  Advocacy
Advocacy


SoftPro is the nation's leading provider of Real Estate Closing and Title Insurance software


Best Practices

Tips on Creating Strong Passwords

June 26, 2014

After learning of the Heartbleed/SSL exploit, internet security experts recommended that passwords be changed on websites that are frequently used in order to protect personal information. (Heartbleed Bug Exposes Internet Data) Here's a hit list from Mashable of websites where passwords should be changed. The following are general recommendations for creating a strong and complex password:

A Strong Password Should:

  • Be at least 8 characters in length
  • Contain both upper and lowercase alphabetic characters (e.g. A-Z, a-z)
  • Have at least one numerical characters (e.g. 0-9)
  • Have at least one special character (e.g. ~ ! @ # $ % ^ & * ( ) - _ + =)

A Strong Password Should Not:

  • Spell a word or series of words that can be found in a standard dictionary
  • Spell a word with a number added to the beginning and/or the end
  • Be based on any personal information such as family name, pet, birthday, etc.
  • Be based on a keyboard pattern (e.g. qwerty) or duplicate characters (e.g. aabbccdd)

Use a Passphrase or a Nonsensical Word:

  • A passphrase could be a lyric from a song or a favorite quote. An example of a strong passphrase is “Superman is $uper str0ng!”. A nonsensical word can built using the first letter from each word in a phrase (e.g. C$200wpG., represents "Collect $200 when passing Go."). These typically have additional benefits such as being longer and easier to remember.

The following are vital suggestions for using passwords

  • Do not share your password with anyone for any reason.
  • Change your passwords periodically—at least every three months.
  • Do not write your password down or store in an insecure manner. Never store a password in an unencrypted electronic file or use the "save my password" feature on websites for important passwords.
  • Do not use automatic logon functionality on websites or devices.
  • Avoid reusing a password.
  • Avoid using the same password for multiple accounts or sites.
  • If you have an in home Internet router, change the default password. Each router has a basic default username and password combination. This makes it easier for hackers to break into your network.



Print Friendly


How To Find Us:
American Land Title Association
1828 L Street, NW, Suite 705
Washington, DC 20036-5104
P. 202.296.3671 F. 202.223.5843
www.alta.org
service@alta.org
Copyright © 2004-2014 American Land Title Association. All rights reserved.
SecurityMetrics for PCI Compliance, QSA, IDS, Penetration Testing, Forensics, and Vulnerability Assessment