Password Protection


May 29, 2018

Written by Bob Meshinsky, Practice Leader for Forensic Services and Cyber Security at WGM Information Security


We have all been there. You are opening a new account online and need to create a username and a unique password. You enter a username in the box, which usually is one of your email accounts or a combination of your first and last name, and then hit tab. You are now asked to create a unique password using the password complexity requirements. This is where it gets fun. Some users get very creative while others struggle just to meet the requirements. Once you have created the password, ask yourself the following questions:

  • Is my password strong enough? It is recommended that a password be between 12 to 14 characters, use a combination of lowercase and uppercase alphabetic characters, numbers, and symbols. Avoid character repletion (1111111111), keyboard patterns (qwertyuiop), dictionary words (dictionary) or pet’s names etc. (luckydog).
  • Is my password a common password? 2016 was another massive year for data breaches. The Keeper research team analyzed over 10 million passwords available on the public web and the results showed that nearly 17% of users are safeguarding their accounts with “123456”. The top 10 Most Common Passwords of 2016 also included 2) 123456789, 3) qwerty, 4) 12345678, 5) 111111, 6) 1234567890, 7) 1234567, 8) password, 9) 123123 and 10) 987654321.¹
  • Do I recycle my passwords? Are you using the same username and password on several sites? If Facebook gets hacked does the hacker also have your Google Mail username and password or worst yet, the key to your bank account? You should have unique passwords for each account!
  • How can I remember all those passwords? Should I write them on a piece of paper or the notes section on my phone? Use a Password Manager tool.² You will only need to remember one password to access the application. The tool will store and encrypted all your passwords and enable you to launch your applications from within it.
  • Should I use Two-Factor Authentication (2FA) if it is available? Yes! This is an extra layer of security when accessing your applications. Most sites will send a code via your smart phone for 2FA. Several of the Password Manger tools also offer 2FA thus offering users piece of mind knowing that if someone tried to access their account they would be notified.

Passwords are very important and we should treat them as such. A weak or recycled password can leave you vulnerable. Take the time now to re-evaluate your personal password policy and make the necessary changes before it is too late.



¹ Most Common Passwords of 2016 Keeper Security Study

² A review of the best Password Mangers of 2018 can be found at this link:,2817,2407168,00.asp

Written By

Mark Feldman

MRA Associates

MRA Associates Work-From-Home Policy

3/18/2020 – MRA Associates cares about the health and safety of our clients, our MRA team members and their families, and the community. As we continue to navigate this pandemic and do our part to slow the spread of COVID-19, we have implemented a work-from-home policy.

Our firm is well prepared to continue to serve, support, and advise our clients. Team members have remote access to all systems and processes to ensure continued normal business operations. Please help us to do our part by using telephone and video conferencing for meetings with us until the threat of contagion is significantly reduced.

As your trusted financial partner, we are monitoring the current economic environment, discussing approaches to short-term challenges, and developing innovative solutions. Please know that we are available to you for all of your needs and concerns. Please do not hesitate to reach out to our team if you have any questions.

(800) 222.1232

MRA Associates