Today we have so many accounts online that it is difficult, if not impossible, to remember every password we have. However, strong password security is vital to keep your systems and data secure and protected.
Cyber-criminals target weak passwords and use software that can guess 350 billion passwords a second. Unfortunately, there is a lot of low-hanging fruit for them to attack. Incredibly, passwords such as 12345 and even password are all too common.
Furthermore, a lot of people use the same password for every account. The problem is that if one account is compromised, they all can be.
If you currently use your pet’s name as your password, take the time to read our do’s and don’ts to help you create stronger passwords.
Make your passwords long
The shorter the password is, the less time it takes for someone to guess. We recommend using a minimum of 8 characters.
Using programs, a hacker can crack a password under 8 characters in less than a second. The longer the password, the better.
Avoid using obvious personal information.
While it may be easier for you to remember, it’s also easier for someone trying to access your information. Things like your pet’s or child’s name, or your favourite sports team, can be picked up using social engineering.
Take caution with what information you share on social media. Posts where you list your favourite animal, first pet or the city you were born in could be social engineering in an attempt to guess a password or security questions.
Don’t reuse passwords.
If your passwords were to become compromised, hackers will often leak them online on the dark web. Using the same password for multiple accounts may put them all at risk.
Include numbers, symbols, upper and lowercase letters.
Randomly mix numbers and upper and lowercase letters into your password, using things like @ for a and 3 for E.
Use a Passphrase
A passphrase is made up of random words, something like “h0l1dayinh@wa11”. A passphrase is easier to remember than random letters and numbers, but takes a lot longer to crack.
Using passphrases can be one of the most secure practices you can apply to your passwords. The probability of a cyber criminal cracking a passphrase is greatly reduced.
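The length, personal-information and character-mix tips above can be turned into an automated check. The following Python sketch is an added example, not code from the original article; the substitution table, function names and sample passwords are assumptions for illustration, and the time estimate is a worst case for exhaustive search at the 350 billion guesses per second quoted above.

```python
import string

GUESSES_PER_SECOND = 350e9            # guessing rate quoted in the article
MIN_LENGTH = 8                        # minimum length the article recommends
COMMON = {"12345", "password"}        # the two weak passwords the article names
LEET = str.maketrans("@301$5", "aeoiss")  # assumed substitution table (illustrative)
CLASSES = {
    "lowercase": string.ascii_lowercase,
    "uppercase": string.ascii_uppercase,
    "number": string.digits,
    "symbol": string.punctuation,
}

def normalise(text):
    """Lowercase and undo simple character swaps so 'P@ssw0rd' matches 'password'."""
    return text.lower().translate(LEET)

def brute_force_seconds(password):
    """Worst-case time to try every string of this length over the classes used."""
    alphabet = sum(len(chars) for chars in CLASSES.values()
                   if any(c in chars for c in password))
    return alphabet ** len(password) / GUESSES_PER_SECOND

def review(password, personal=()):
    """Return a list of problems; an empty list means every check passed."""
    problems = []
    if len(password) < MIN_LENGTH:
        problems.append("shorter than 8 characters")
    plain = normalise(password)
    if plain in {normalise(word) for word in COMMON}:
        problems.append("common password")
    for detail in personal:
        if detail and normalise(detail) in plain:
            problems.append(f"contains personal detail: {detail}")
    for name, chars in CLASSES.items():
        if not any(c in chars for c in password):
            problems.append(f"no {name}")
    return problems

if __name__ == "__main__":
    # Constructed sample passwords and personal details, not real credentials.
    samples = ["12345", "P@ssw0rd", "Rex2019!", "Quiet-Lamp7-Orbit-Fern"]
    for pw in samples:
        secs = brute_force_seconds(pw)
        print(f"{pw!r}: {secs:.3g} s worst case; {review(pw, ['Rex']) or 'ok'}")
```

The brute-force figure only bounds exhaustive guessing; a password flagged as common or containing a personal detail can fall far sooner than the estimate suggests.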
Use a tiered system for your passwords.
Implementing a tiered system for your passwords allows you to create more complex passwords for those accounts that hold valuable information.
For example, tier one would be high risk such as banking, online payments and social media. For tier one accounts, using a long passphrase would be a must. Apply tier two to accounts such as e-newsletters where no valuable information is passed on. Accounts like these could use less complex passwords.
Beware of emails asking for password updates.
Never provide your password to a website you have accessed by clicking a link; it may be a phishing attack.
If you need to update a password, go directly to the website.
Be Cautious on Public Networks
Take caution using password-protected sites and services when on a public computer or Wi-Fi service. Logging into banking or social media accounts on a public computer is highly discouraged.
If you are on a public network, using a VPN (a paid one, not a free one) would be the best way to stay secure.
Use Multi-factor Authentication.
Use multi-factor or two-factor authentication (2FA) wherever you can. Most importantly, if your passcode is compromised, having multi-factor authentication in place can stop the hacker in their tracks.
Use a Password Manager.
A password manager is a service that can create and store all your passwords in one central location. Most people have trouble remembering things, and keeping a piece of paper or book of passwords is not advised, especially in an office. Password managers keep your passwords in a vault that is accessed by a master password and often uses multi-factor authentication. This makes it easier to create a good password system with different passwords and better strength.
MyGlue is a product that we recommend and provide to our clients. It protects your data with state-of-the-art security, including role-based permissions, audit trail, version history, two-factor authentication and the gold standard of cloud software, SOC 2 compliance.
Practice good password hygiene.
Creating good password practices can help you avoid becoming a victim of an attack. When creating a good password process, include a minimum and maximum period to change passwords. Keep in mind you don’t want to make changes too frequent (e.g. every 30 days). If you’re constantly changing passwords, you’re not as likely to make them as strong as they need to be.
Taking the time to review and update your passwords with the tips above can help avoid heartache in the future.