Overview
It is important to generate and store strong passwords to protect your information.
Passwords
For security, use at least 16 characters, such as a combination of:
- Lower case (a through z)
- Upper case (A through Z)
- Base 10 digits (0 through 9)
- Non alphanumeric characters (`~!@#$%^&*()-_=+[{]};:'",<.>/?)
- Avoid password reuse with other sites.
An open source password manager such as KeePass Password Safe can be used to generate & store unique strong "128-bit" passwords,
for some passwords, a custom password generation profile can be created to exclude for example: Underline, Special and High ANSI characters.
Password rules & guidelines
Windows: Password complexity requirements.
MySQL: Escape any Special Characters.
Caution: Do not use your real password on an online password tester:
How Secure is my password?
Password Meter
Keepass: Installation
Download & install Keepass Professional
Create New Password Database, e.g. jsmith.kdbx
Create a strong master password, at least 128-bits estimated quality recommended.
Tick: Key provider, e.g. jsmith.key
File, Database settings, Security:
Click 1 Second delay, e.g. 12,000,000 for an Intel Core i5 650 CPU with Advanced Encryption Standard New Instructions (AES-NI)
Divide this by 4 to get a good balance speed & security.
Tools, Options, Security:
Lock workspace after Keepass inactivity e.g. 300 seconds
Tick: Enter master key on secure desktop.
Please keep your master password safe, without it you won't be able to access your passwords.
Also make sure you have both an onsite & offsite current backup.
Exchanging passwords
If sending password(s) via email, encrypt using GNU Privacy Guard or similar.
Our current public key can be added to your keyring.
If you send your public key only, we will generate the required password(s) for you.
Passwords can also be sent via Instant Messaging apps such as Signal, WhatsApp or SMS.
Links
Have I been pwned
KeePass Password Safe
Firefox Lockwise Uses Mozilla Firefox Browser.
ACSC: Creating Strong Passphrases
Microsoft: Windows password complexity requirements
Alexa: Top Sites in Australia Checklist of popular sites
The Majestic Million: Top .au sites
Wikipedia: Have I been pwned
Wikipedia: KeePass
Wikipedia: Firefox Lockwise
Wikipedia: Password Strength
Wikipedia: List of Password Managers
Related Links
Netro: Instant Messaging
Netro: GNU Privacy Guard
Netro: Security Resources (See password links)
Netro: OpenSSH
Netro: Remote Admin Tools