Here is a scenario familiar to many of us in the dental field. A patient is done with services and comes back up front to pay their portion on their CareCredit account. You go to log into your CareCredit account (or any insurance toolkit) as you always do and BAM! You are hit with a message that says your “password has expired…” Now you are struggling to come up with a password that fits all the criteria, AND that you have not used in the past. All the while the patient stands there and stares at you drumming their fingers on your counter top.
As office managers, clinical staff and dentists our jobs are already riddled with daily challenges. However the constant need to create and change passwords for the sometimes dozens of systems in a office, like the scenario above, is probably on the top of my list of things I do not like to deal with. No longer is it acceptable (well was it ever?) to use your name, date of birth or even “Password” as a password. It seems like every system has their own set of perimeters that they require of user passwords. Not only do you have to create these passwords once but often you are required to change then every 90 days or so. That is a good habit to get into even if you are not required to change your passwords on a routine basis. But what is a good password?
First lets talk about what a “bad” password is. Using your name or the name or a relative, birth date, or “Password”. Also using repeating numbers and letters. Many systems will not let you use passwords that have previously been used or that are similar to previous ones. But have no fear there are some techniques to help you create effective passwords.
In the last few years we have been told to use special characters, $,@,# etc. While replacing an S with $ is or a with @ is a start it is not as secure as once thought. The special character principle, however, can be applied to the Bruce Schneider Method. This method calls for creating a phrase that can be turned into a password. What you will want to do is think of an uncommon, original phrase, not a movie line or song lyric. It will need to be able to be a 12 digit or longer password that uses upper and lower case letters, numbers and special characters. An example of this is Rt0BmorO@tgs, which comes from Remember to buy more Oreos at the grocery store. The password is 12 characters, Upper and lower case, numbers and special characters. There are of course a number of other methods that can be used. I find this method works best for those of us who have to remember and recreate multiple passwords on a regular basis. Passwords are a tedious yet important part of security for your office and for the protection of patient health care information. We hope this blog helps ease the burden of creating effective passwords and possibly adding a bit of fun to the process.
Tyler Kerr, HIPAA Compliance