Password Protection
Written by Greg Mckone, Senior Consultant Service Operation, IM/IT User Experience and Service Management

Would you like to learn a system for choosing secure passwords that you remember? Tips to save you the time and trouble of needing to call for a password reset.

Are you like me and find it stressful when you need to reset or change your password? Would you like to learn a system for choosing secure passwords that you remember?

Health Informatics takes our role seriously by constantly working behind the scenes to ensure our computers and systems are secure to protect patient information.

But our most important security feature is you. You keep our patients’ data safe by following computer security rules and using strong passwords.

Forgotten passwords results in many calls to the service desk, and while it usually only takes a couple minutes to reset a password and get health care providers back in action, it does take some time to make that call. Service Desk is glad to support us when this happens and each month they reset 2,364 Windows passwords, 1,426 Meditech passwords, and 203 PARIS passwords. 

Since we have many passwords to remember, and I’d like to save you the time and trouble of needing to call for a password reset by sharing my plan for Picking Great Passwords I Never Forget:

  • Have a plan. Planning how you will choose your next password removes the stress of coming up with a password on the spot. Come up with a plan before the “choose a new password” prompt appears. Here is my plan: (“base password” + “complexity” + “system”)
  • Use a base password. Choose a core for your password that never changes, this way your fingers and your brain will easily fill in this part of your password. Pick something people would not guess (not your name).
    • Pro Tip: Consider capitalizing your base password to add complexity without adding extra letters later.
  • Add complexity onto your base password. Meet the complexity requirements and make your password unique. This is where you use special characters, numbers and capitals to meet complexity rules.
    • Pro Tip: Pick numbers that you can increment when your password has to change. 
    • Pro Tip: Write only the changing part down where you can find it. (not the whole password)
  • Add a location. It is important that passwords be different between systems so that a stolen password can’t be used to access “everything”. Adding the “location” where the password is used keeps the password easy to remember. Use an abbreviation to keep it short. For example; “med for Meditech” etc.

SAMPLE:  Base:  “FHrocks” + Complexity “2!” + Location: “med” = “FHrocks2!med”
SAMPLE:  Base: “amazing” + Complexity  “Y17?” + Location “win” = “amazingY17?win”

I hope my plan helps you remember strong passwords, that make your life easier. If you're interested, read the Fraser Health password policy.

Reminder: If your password is stolen or shared: follow your plan, choose a new base, add complexity and location and change your passwords to keep patient data safe.

So, what do you think?

What is your experience with password resets?
Is there anything else you’d like to learn about passwords?
Have you used self-serve reset tools in the past?

Please let me know in the comments.

comments powered by Disqus