- Internet & the Web
Non Standardization Issues When Implementing A Password Strategy
Password strategies are a must in our modern and connected world. Simply defined, a password management strategy is a way or technique from which you can easily remember the numerous passwords you have for your various services, and still maintain a reasonable level of security for your passwords.
As a first step to developing a strategy, you will need to have an idea of the inconsistencies in the characters acceptable for a password, and the different password policies, among the various organizations and websites. As an example, some websites will only accept upper case characters while other sites actually require a mix of upper and lower case characters. If you don’t take these inconsistencies into account, it will really mess up a good password strategy. In the following paragraphs, I will list the possible differences here, so that they can be taken into account when designing a password strategy.
Change Of Password Each Period
Some brokers, and maybe banks, may suggest that you change your password periodically. Some of them will enforce it, so that after the predetermined period, you have to supply a new password before you can continue using their system. And don't count on alternating between 2 passwords. They will probably keep track of your old passwords and insist on a fresh one each time.
Fixed Length Password
Some websites and organizations will require you to have a fixed length password. The length will usually be somewhere from 4 to 8 characters.
Special Characters Needed
To increase difficulty of hacking your password, some sites would require that your password must contain at least one of the lower case, upper case, numeric and special characters.
Some Characters Not Allowed
I have come across some websites in which only lower case characters are accepted for your password. There will probably be some sites which disallow numeric characters and special characters like the full stop, underscore or comma. And there will be other sites in which only upper case characters are allowed.
Usually, banks and supermarkets will have only a numeric keypad, and as such, accepts only numeric passwords. And, in addition to that, you are also limited to a fixed number of digits, no more no less.
Some websites will have a algorithm that assesses the strength of your password, and you might be required to supply another password if the password you entered is deemed too weak. You would normally not have too many problems with this unless your password is really very easily hacked.
It is probably impractical to develop a strategy that can take into account all the inconsistencies mentioned above. The best that you can do is to come up with a strategy that can handle most of the inconsistencies above and hope that the exceptions will be few enough so that you can rely on your memory.