Although it is strongly recommended that you do not record a password in any form, if you have difficulty in memorising a password and must record it, a suggested procedure would be to save any document containing them on an external source such as writeable CD or floppy disk, rather than recording them on a computers hard-drive or printing a hard copy. This external source should then be secured separately.
This procedure minimises the risk of another person accessing the information from the hard-drive for unlawful means.
Computer hackers use password-cracking programs that use a dictionary of words to test whether they have been used as a password. Therefore, passwords should be of an adequate length to maximise difficulty and be changed on a regular basis.
At all times avoid easily guessed words such as partners names, pets names, family names and birth dates. Instead, ensure that the password combines a sequence of numbers and letters, eg: 2h0e0l3p~
Where passwords are used in association with employment, maintenance systems should:
- Ensure passwords are changed at regular intervals,
- Be programmed to generate a minor alarm after an unusual number of invalid sign-on attempts,
- Remove all of an employee’s access to computers/programs/files upon their termination.