Perplexed by Passwords? Computing Technology Industry Association Offers Tips for Safe, Secure Computing

OAKBROOK TERRACE, IL -- Feb. 21, 2005 -- Perplexed by a proliferation of computer passwords at home and in the office? The Computing Technology Industry Association (CompTIA) says there are a few simple tips you can use to help you keep track of passwords and enjoy a safe and secure computing experience.


“As we have incorporated computer use into more and more of our lives at home and at work, the number of passwords we use has grown exponentially,” said John Venator, president and chief executive officer, CompTIA. “For the individual computer user, password proliferation started when that person logged on to a computer for the first time. Today, every web site that can identify you as a customer, a subscriber or an email correspondent has a password on file for you.”

For the past two years, CompTIA has conducted extensive research on computer and information technology (IT) security. In 2004 this research revealed that human error was the primary cause of IT security breaches; 84 percent of the nearly 900 organizations that participated in the study blamed human error either wholly or in part for their last major security breach. In many instances these security breaches could be traced back to poor password security.

Multiple Passwords Recommended

Using only one password for all computing and online activities poses a great security risk. If you use only one password and it is compromised or stolen, you could become the victim of identity theft or financial loss. If the lost password is the same one you use at work, the consequences for your employer could be disastrous.

CompTIA recommends maintaining four passwords:

1) An easy to remember password for use on general web sites. The same password can be used in many low-risk places because the negative consequences are minimal if the password is compromised.

2) A more complex password, with a mix of numbers and letters, for electronic commerce web sites. If this password is compromised, there may be financial implications, such as credit card theft or manipulation of your credit history.

3) A very complex password for banking, stock trading and other web sites that require you to provide detailed personal information. This password should contain lowercase letters, uppercase letters, numbers, and punctuation marks; or at least three of these four categories. That’s because if this password is compromised, identity theft is possible.

4) A password to use only at work. The work password should not resemble any of the passwords used for home and personal computing. Every network administrator has different password policy guidelines and requirements for creating and changing passwords. But regardless of the guidelines, you should never write down the password.

For most passwords, it’s best to use some combination of letters, numbers and punctuation marks. Use a combination that you can remember with a small hint. For example, if your password is green1225, your hint could be “color, Christmas.” It’s okay to write down a vague hint, but never write down all or part of the actual password.

Finally, all passwords except the easy web site password should be changed at least every 90 days.

About CompTIA

CompTIA is a global trade association representing the business interests of the information technology industry. For more than 23 years CompTIA has provided research, networking and partnering opportunities to its 20,000 members in 102 countries. The association is involved in developing standards and best practices, and influencing the political, economic and educational arenas that impact IT worldwide. More information is at www.comptia.org.

Contact Information

Steven Ostrowski

Media Contact

CompTIA

Contact via E-mail