Password Management: Maintaining & Strengthening Your First Line of Defense

The following article was published in this month’s issue of Manufacturing Outlook Digital Magazine. For a limited time, we’re offering Manufacturing Talk Radio listeners a FREE subscription.

Visit Manufacturingoutlook.com to subscribe today!

by Ken Fanger

Passwords!  Passwords!  Passwords everywhere!  I can’t possibly think of another one!  Eight or more characters, upper case, lower case, numbers, special characters… arrgh!  From your bank account, to Netflix, your email, social media, and more, the list goes on and on.  Not only do you have to keep track of so many, but you also have to make sure they are strong enough, too.  It’s enough to drive a person crazy.

It’s just not functional or practical to try to remember the dozens (or hundreds) of passwords that you use each day.  In fact, I have over 5,000 different passwords between all my clients that I need to remember (crazy, right?).  It’s tempting to skip the complication in the face of so many accounts, so why not just use one password to cover all my bases?  Of course, every cyber security person will tell you that’s a very bad idea.

It’s important to recognize that passwords are your first line of defense.  If you think about cyber security as defending a city, you don’t send out one soldier and expect them to defend the whole shebang.  No, you send out an entire frontline of people instead—or, even better, you have a nice strong fence blocking out the danger first.  This is why it’s necessary to use a different password for every account: if one person or fencepost (read: password) becomes compromised, it doesn’t doom the rest. Passwords are vital to your data protection, but we can agree that it’s unrealistic to expect you can remember dozens or hundreds of unique and complex passwords.  This is where using a password management system comes in handy. 

The key benefit of a password management system is that the system automatically remembers and stores your login information for every account you have so that you don’t have to.  You can create (or have the system auto-generate) complex passwords for any site you visit that requires one and never be frustrated by not remembering your password again.  I use LastPass to manage my passwords, but there are hundreds of different options available to you.

All you have to do to maintain your password management system is set a complex master password that will grant you access to your other passwords.  Making this password exceptionally strong and unique by using a combination of numbers, letters, capitalization, and special characters will keep your passwords safe while eliminating the need to require anything but that password.

So what does a “strong password” look like?  Here’s a good example: Chu43%#lusknyHe.  I’ve used a combination of characters I mentioned earlier and created something very complex that I keep written on a piece of paper that is locked in a safe in my home.  I made sure to leave out personal information that’s easy to find, such as pets’ names, birth dates, or street names.  The best passwords are total nonsense, like the example above, or unique words or phrases to help you remember (ex.  “tQbFJ0tLd!” is an abbreviation of “The quick brown fox jumped over the lazy dog” using numbers, letters, and symbols).

Remember: your master password in a password management system is the one that opens up and unlocks access to all your other passwords.  In other words, the master password opens the gates to the city.  It needs to protect the fence you built with all those different, complex passwords you no longer have to remember.

At the end of the day, whether you use a password manager or not, it’s vital to have a plan when it comes to your passwords.  Make sure you’re using a new password for every account.  Writing them down and leaving the paper unsecured, or jotting them down in your phone (which is also hackable, by the way), is not safe for your data.  Passwords are your first line of defense, and the first target cyber criminals will aim at, so protect them well.

Author profile:

Ken Fanger, MBA has 30 years of industry experience in the fields of technology and cyber security and is a sought-after CMMC Registered Professional, helping manufacturers and contractors to meet DoD requirements for CMMC compliance. He is passionate about technology deployment, and his MBA in Operations & Logistics has helped him to be an asset in the designing and deployment of networks to enhance the manufacturing experience. Over the past 5 years, he has focused on compliance and security, including working on the SCADA control system for the Cleveland Power Grid. Mr. Fanger works with each client to identify their unique needs, and develops a customized approach to meeting those needs in the most efficient and cost-effective ways, ensuring client success. ν

Passwords!  Passwords!  Passwords everywhere!  I can’t possibly think of another one!  Eight or more characters, upper case, lower case, numbers, special characters… arrgh!  From your bank account, to Netflix, your email, social media, and more, the list goes on and on.  Not only do you have to keep track of so many, but you also have to make sure they are strong enough, too.  It’s enough to drive a person crazy.

It’s just not functional or practical to try to remember the dozens (or hundreds) of passwords that you use each day.  In fact, I have over 5,000 different passwords between all my clients that I need to remember (crazy, right?).  It’s tempting to skip the complication in the face of so many accounts, so why not just use one password to cover all my bases?  Of course, every cyber security person will tell you that’s a very bad idea.

It’s important to recognize that passwords are your first line of defense.  If you think about cyber security as defending a city, you don’t send out one soldier and expect them to defend the whole shebang.  No, you send out an entire frontline of people instead—or, even better, you have a nice strong fence blocking out the danger first.  This is why it’s necessary to use a different password for every account: if one person or fencepost (read: password) becomes compromised, it doesn’t doom the rest. Passwords are vital to your data protection, but we can agree that it’s unrealistic to expect you can remember dozens or hundreds of unique and complex passwords.  This is where using a password management system comes in handy. 

The key benefit of a password management system is that the system automatically remembers and stores your login information for every account you have so that you don’t have to.  You can create (or have the system auto-generate) complex passwords for any site you visit that requires one and never be frustrated by not remembering your password again.  I use LastPass to manage my passwords, but there are hundreds of different options available to you.

All you have to do to maintain your password management system is set a complex master password that will grant you access to your other passwords.  Making this password exceptionally strong and unique by using a combination of numbers, letters, capitalization, and special characters will keep your passwords safe while eliminating the need to require anything but that password.

So what does a “strong password” look like?  Here’s a good example: Chu43%#lusknyHe.  I’ve used a combination of characters I mentioned earlier and created something very complex that I keep written on a piece of paper that is locked in a safe in my home.  I made sure to leave out personal information that’s easy to find, such as pets’ names, birth dates, or street names.  The best passwords are total nonsense, like the example above, or unique words or phrases to help you remember (ex.  “tQbFJ0tLd!” is an abbreviation of “The quick brown fox jumped over the lazy dog” using numbers, letters, and symbols).

Remember: your master password in a password management system is the one that opens up and unlocks access to all your other passwords.  In other words, the master password opens the gates to the city.  It needs to protect the fence you built with all those different, complex passwords you no longer have to remember.

At the end of the day, whether you use a password manager or not, it’s vital to have a plan when it comes to your passwords.  Make sure you’re using a new password for every account.  Writing them down and leaving the paper unsecured, or jotting them down in your phone (which is also hackable, by the way), is not safe for your data.  Passwords are your first line of defense, and the first target cyber criminals will aim at, so protect them well.

Author profile:

Ken Fanger, MBA has 30 years of industry experience in the fields of technology and cyber security, and is a sought-after CMMC Registered Professional, helping manufacturers and contractors to meet DoD requirements for CMMC compliance. He is passionate about technology deployment, and his MBA in Operations & Logistics has helped him to be an asset in the designing and deployment of networks to enhance the manufacturing experience. Over the past 5 years, he has focused on compliance and security, including working on the SCADA control system for the Cleveland Power Grid. Mr. Fanger works with each client to identify their unique needs, and develops a customized approach to meeting those needs in the most efficient and cost-effective ways, ensuring client success.