
The War on Passwords Continues…

Apparently this horse isn’t dead yet.

Strong passwords are the first line of defense for your data. While there are exploits like Heartbleed, malware like Zeus, and good old social engineering waiting to snatch your passwords, using a strong password should still be your #1 priority. Whether you are a small, medium, large, or enterprise business, you should have an enforced password policy enabled on your network. Once it’s set, it takes care of itself. If you are subject to any type of compliance regulations, the password policy needs to be set as part of meeting them, and the regulations generally define minimum requirements. We recommend at a minimum 8 characters, with a mixture of capital letters, lower-case letters, and a number or special character. The policy should require a change every 90 days and should not allow reuse of the previous 10 passwords.

This all sounds like a big inconvenience, and I myself dread password change day, but it’s extremely necessary and changing every 90 days really isn’t that bad. In the past my main aggravation was coming up with a new password that meets the complexity requirements. The new ways of thinking about passwords have made this less of a hassle, and make them easier to remember.

Nowadays you are generally no longer restricted to 8 or 10 characters so you can use song lyrics or movie quotes including spaces and punctuation that make for long, complex passwords that are easy to come up with and remember.
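The minimum policy recommended above (8 characters, mixed case plus a number or special character, a 90-day maximum age, and no reuse of the previous 10 passwords) can be expressed as a small checker. This is an added Python example, not code from the original post; the function names, the PBKDF2 iteration count, and the choice to keep history as salted digests are assumptions made for illustration.

```python
import hashlib
import hmac
import os
from datetime import datetime, timedelta

MIN_LENGTH = 8                  # page: at least 8 characters
MAX_AGE = timedelta(days=90)    # page: change every 90 days
HISTORY_DEPTH = 10              # page: previous 10 passwords may not be reused
PBKDF2_ROUNDS = 100_000         # assumption: sample work factor, tune for your hardware


def _digest(password: str, salt: bytes) -> bytes:
    # History stores salted PBKDF2 digests, never the plaintext passwords.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)


def remember(history: list, password: str) -> list:
    """Return a new history (newest first) trimmed to HISTORY_DEPTH entries."""
    salt = os.urandom(16)
    return ([(salt, _digest(password, salt))] + history)[:HISTORY_DEPTH]


def violations(password: str, history: list) -> list:
    """Return the names of the rules the candidate breaks; empty means accepted."""
    found = []
    if len(password) < MIN_LENGTH:
        found.append("length")
    if not any(c.isupper() for c in password):
        found.append("uppercase")
    if not any(c.islower() for c in password):
        found.append("lowercase")
    # Digits, punctuation and spaces all count as "number or special character",
    # so lyric or movie-quote passphrases pass this rule.
    if not any(not c.isalpha() for c in password):
        found.append("digit-or-special")
    # Each stored entry has its own salt, so re-derive the digest per entry.
    if any(hmac.compare_digest(_digest(password, s), d) for s, d in history):
        found.append("reused")
    return found


def is_expired(last_changed: datetime, now: datetime) -> bool:
    """True once the password is older than the 90-day maximum age."""
    return now - last_changed > MAX_AGE
```

Because each history entry carries its own salt, a reuse check costs one key derivation per stored password, which is why the history depth and the work factor should be sized together.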

LastPass

For home use I recommend the use of a password manager like LastPass to automatically come up with and remember all the passwords that sites require you to create. I use LastPass and really have no idea what most of my passwords are. I set the desired complexity requirement and the software takes care of the rest. I am ready, however, for the next step in password security, as passwords have really outlived their usefulness.

I LOVE the fingerprint scanner on my iPhone to unlock it and make purchases, but until that type of technology can be implemented in a good way everywhere, the humble password remains the stalwart guardian of our online castle.

Here is a scary fact that illustrates this point: 80% of security incidents were due to the use of weak passwords.