Simple tips for security and serial numbers

[This probably impacts every person reading this, but few of us get to decide to fix it. I figured it was worth sharing so you can share it…]

Don’t require special characters (like ! or worse, ‘) in the passwords created in your app or on your site. You’re simply training people to either forget them or to write them down in an unsafe location. Instead, require long passwords.

When you set up a wifi password that others have to use, there’s really no reason to use capital letters, special characters or anything that’s a hassle to type on a phone. Try a phone number instead.

Don’t use ‘0’, ‘O’, ‘o’, ‘l’ or ‘1’ in any context where they have to be distinguished–like room numbers, serial numbers or the names of children. This is why zip codes are easier to use than postal codes, and why mixed letters and numbers are worth avoiding.

If you’re requiring 2FA (a good thing), don’t rely on email or texts; use an app instead. And don’t make the text code 7 digits (as my former bank did in an effort to pretend that they cared). 6 is more than enough.

Instead of serial numbers, companies should consider using three words mushed together, like hey-zebra-fun. This is way easier to read and communicate to others. Imagine how easy it would be to deal with your VIN or computer serial number if you could simply say three words. All the company will need is three lists of 300 common words, which, when juxtaposed, give us plenty of combinations.
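The three-list scheme above, worked through as an added example (not code from the original post): a serial number is split into three base-300 digits, and each digit picks a word from its own list. The word lists here are constructed stand-ins generated from syllables, and the names `encode`, `decode`, and `LISTS` are assumptions made for the illustration.

```python
import itertools
import math

# Constructed stand-in lists: 900 consonant-vowel-consonant syllables split
# into three disjoint lists of 300. A real deployment would use curated
# common words. 'o' and 'l' are left out so no word is mistaken for 0 or 1.
CONSONANTS = "bdfghjkmnprstvwz"
VOWELS = "aeiu"
_pool = ["".join(p) for p in itertools.product(CONSONANTS, VOWELS, CONSONANTS)]
LISTS = [_pool[0:300], _pool[300:600], _pool[600:900]]
INDEX = [{word: i for i, word in enumerate(lst)} for lst in LISTS]
BASE = 300
CAPACITY = BASE ** 3  # 27,000,000 distinct three-word codes


def encode(serial: int) -> str:
    """Map an integer in [0, CAPACITY) to a word-word-word code."""
    if not 0 <= serial < CAPACITY:
        raise ValueError(f"serial must be in [0, {CAPACITY})")
    hi, rest = divmod(serial, BASE * BASE)
    mid, lo = divmod(rest, BASE)
    return "-".join((LISTS[0][hi], LISTS[1][mid], LISTS[2][lo]))


def decode(code: str) -> int:
    """Inverse of encode(); rejects unknown or misplaced words."""
    words = code.strip().lower().split("-")
    if len(words) != 3:
        raise ValueError("expected exactly three words")
    try:
        hi, mid, lo = (INDEX[pos][w] for pos, w in enumerate(words))
    except KeyError as exc:
        raise ValueError(f"word {exc} is not valid in that position") from None
    return (hi * BASE + mid) * BASE + lo


def capacity_bits() -> float:
    """Size of the code space in bits (about 24.7): enough to label
    units, far too small to serve as a secret."""
    return math.log2(CAPACITY)


if __name__ == "__main__":
    for n in (0, 1_234_567, CAPACITY - 1):
        print(n, "->", encode(n), "->", decode(encode(n)))
```

Because the three lists are disjoint, a word read back in the wrong position is rejected instead of silently decoding to a different serial.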

And a password manager is a worthwhile program to install. If you haven’t, today’s a great day to start.

BONUS: It never hurts to say ‘please’ in your forms and other online communications. It’s free.


PS all of this advice is on the path to obsolete once computers can talk and think and interact just a little better than now. Which is happening. Here’s my recent podcast about it.
