Computer security can be complicated. There are lots of programs and technologies out there to protect your computers and networks. Today we’re going to talk about the most basic form of protection: passwords. Everyone is familiar with passwords; you probably have several for your personal email account, your credit card and bank accounts, and maybe one for a social networking site. Passwords are sometimes your only line of defense, so it makes sense to manage them carefully. Here are a few tips on creating passwords.

First, make sure you use a password. I have been to many medical practices that failed to protect their computers with passwords. Not only does this violate the HIPAA security rule, it also makes it extremely easy for anyone to snoop around on your computer. Remember that the greatest threat you face is from insiders: employees, patients, or even the janitor. Any of these people could snoop through your files, access protected health information, view your financial data, or even steal from you.

Most Windows computers boot to the administrator account when you turn them on for the first time. The absolute first thing you should do is create a new user account, preferably with your first and last name, and give it a strong password. Avoid the temptation to just use the computer as-is. Creating a user account only takes a few minutes, and it will come in handy if you need to use secure file sharing.

Second, you should choose a strong password. Passwords do not help much if they are easy to guess. You should avoid using someone’s name, your pet’s name, your phone number, address, your birth date, or any complete word in any language, including Latin. Password crackers can easily guess words.

The challenge is coming up with a strong password that is difficult to guess. The best way is to take bits and pieces of something you can remember. The last thing you want is a password you have to write down. Here are a few tricks to creating passwords. Some of these are stronger than others.

Swap letters with numbers and symbols. Take the word “password,” and exchange some of the characters like this: p455w0rd.

Interpose numbers between letters. This method is not as secure, but it is easy to remember. Instead of “password,” use p1a2s2s4w5o6r7d8.

Mix and match. Take some letters from your middle name, some letters from the town you grew up, and some digits from your parents’ phone number. For instance, you could use Allmar426.

Now that you have a strong password, be sure not to write it down anywhere, and definitely do not share it with anyone else.

Ryan Ricks
Security Officer