Posts‎ > ‎

No more pass-word with Google Apps?

posted Feb 5, 2015, 12:58 PM by Faustino Rodriguez   [ updated Feb 5, 2015, 2:06 PM ]
Last year the most common used - worst - passwords list started with "123456" and "password". When talking about passwords, other than unique could be considered a bad choice.

There is a lot already discussed and published about this topic, so I am going to be simple and to the point.

The very nature of a pass-word: "hard to guess by others, easy to remember by me" makes any pass-word doomed to failure, there is no such a word.

When we accept that reality, then we can consider the options:

1. Create a pass-word out of a unique-to-you phrase, like a pass-phrase would be, e.g
    IwboF13iNY. - It's coming from "I was born on February 13 in New York.", or even more personal
    WIw13,Ibma. - That is coming from "When I was 13, I broke my arm."
(Do Not reuse any pass-phrase)

2. If you are lucky enough and using Google Apps, then enroll right now in the 2-step verification choice from your account, a higher security level, based on "something you know (a simple password or pin) and something you have", where something you have is your phone.
    After passing the password requirement, you will be asked for a code that you would receive in your phone (text or voice) or you can even produce with the Google Authenticator app, if using a smartphone.

3. One step further up into security is adding a USB Security Key to the 2-step verification process, like the one shown right here before snap it out (it's pretty & small). Those are FIDO U2F Ready (Fast IDentity Online Alliance - Universal Second Factor)

Good luck, anyway.

ps. read more about the top 25 common passwords on this page.