While doing research on information security relating to healthcare analytics, I came across an interesting article by Melanie Pinola about how common tricks we use to “secure” our passwords aren’t fooling the bad guys any more.
In her article, she lists four strategies for creating and using more secure passwords:
- Avoid predictable password formulas (hint: passwords like “Good4U” are not acceptable, and don’t follow the same patterns that everyone else is.)
- Use a unique password for each site (she considers this one to be the most important tip of all)
- Use truly random passwords (and using a variation on the same password for each site isn’t a good idea)
- Use a password generator and manager (she offers a few examples of password managers that do the trick)
Given the recent spat of healthcare data breaches, and in light of the “Heartbleed” bug revelations, everyone who works with healthcare data must redouble efforts to ensure that our own security practices are up-to-date and keeping ahead of the techniques used by people who are trying to infiltrate our systems.