One of the biggest mistakes we see in the business IT world has to do with information getting into the wrong hands. If you have a business computer and you don’t have a password set on it, you could be asking for trouble, especially if that computer is a laptop and you take it out of the building with you.
Most businesses that have a server will require you to set a password on your user account. If this is the case, you should change the password every quarter, if possible. In some environments you are forced to change your password more often or less. But generally you can change your password anytime. Here’s how:
Press Control-Alt-Delete to get to what Microsoft calls the “Security Subsystem Menu.” Generally you should see six options there. Until Windows Vista or Windows 7, the six options were two rows of three buttons. As of Windows 7 it’s now one column of five buttons. But there should be an option that says Change Password. Click on it.
You will be prompted for your existing password. If you don’t know this password, STOP and contact us. You are not going to be able to go any further without knowing this password.
Assuming you do know this password, type it in and press TAB on your keyboard, or grab the mouse and click into the next space.
The next prompt asks you to type in a new password. Let’s talk for a minute about this password before you do so…
First, I’d suggest a password that is 8 characters or more, contains at least one uppercase letter, and if possible contains some form of punctuation. You may be asking “why does this have to be so doggone complicated?” Well, because one of the most common ways that hackers get your password is through social engineering. What’s that? It’s the art of getting you to tell them your password by using the ruse of something legitimate. So, lets say you tell them your password. If you have a capital letter and some form of punctuation in there, chances are they are not going to figure it out.
Second, do not use your spouse’s name, your children’s name, or your pet’s name. Don’t use some combination of your spouses names or your childrens names or your pet’s names. Leave them out of this. Why? Because in the course of our jobs, we’ve done a fair amount of guessing passwords when we are on-site to fix your computer and you’ve just taken a field trip to the smoothie store for the entire office. Guess what? More often than not I can guess your password just by knowing these bits of information. Scary, huh? But it’s the truth.
Third, don’t use any variation of your company’s address or the word Password. See above for the reason why.
Fourth, don’t use your birthday. Again, it’s too simple to guess.
So, what’s that leave? Well, mix up something that has to do with your favorite author’s last name and a number you’ll remember. Add some punctuation in there for fun. For instance, my favorite author (thus far) is a guy name Daniel Silva. So, maybe my password becomes Silva.6740. See how I got there? I used his last name and a number that I will remember.
So, back to changing your password…
In the next two fields, type in your new password, press TAB or click in the next space, and type it again. I’d suggest typing it slower than you normally do… You’d be amazed how easy it is to mistype something twice!
When you’re done, click OK or the Arrow, whichever option you have. If you’re successful, a message will come back telling you that your password was successfully changed. If not and you get an error, your password remains what it was before.
Here’s a hint: Combine this tip with this one on locking your computer when you leave for a secure work environment. Set a screen saver timeout and lock, too. We’ll cover doing that in another tech tip.
Want to get these tech tips in your email? Subscribe here! It’s free and you can always come back and unsubscribe later if you want! We promise not to sell your email address to spammers (we hate those guys too, and offer services to block them).