May 4th is World Password Day, and a necessary reminder to review your password security.
Given the heavy reliance of the business world on digitalisation in the present era, the incorporation of technology into your organisation is inevitable. While technology can undoubtedly provide your business with an advantage in increasingly competitive markets, there are various problematic areas to monitor closely. This is why the interest in cyber security has grown in recent times.
If you want to enhance your cyber security, password protection is an excellent place to begin. Password protection is the process of setting up a password to secure an entity's data. Once data is password-protected, only those with passwords can access information or accounts. However, due to the frequent use of passwords, people tend to overlook their importance and make careless mistakes that could result in security breaches.
This makes it crucial for businesses to create strategies for educating employees on best practices when using passwords.
To safeguard the confidentiality of your passwords, here are six common practices you should avoid:
1. Writing passwords on sticky notes
Although you may feel that writing down passwords improves password protection and makes it more difficult for someone to steal your passwords online, it can make it easier for someone to steal your passwords locally.
2. Saving passwords to your browser
This is because web browsers are terrible at protecting passwords and other sensitive information like your name and credit card number. Web browsers can easily be compromised and a wide range of malware, browser extensions and software can extract sensitive data from them.
3. Iterating your password (for example, PowerWalker1 to PowerWalker2)
Although this is a common practice among digital users, it is unlikely to protect against sophisticated cyber threats. Hackers have become far too intelligent and can crack iterated passwords in the blink of an eye.
4. Using the same password across multiple accounts
If you do so, you are handing cybercriminals a golden opportunity to exploit all your accounts.
5. Capitalising the first letter of your password to meet a requirement
Out of habit, most of us tend to capitalise the first letter of our passwords to conform with the "one capitalised letter" requirement. However, hackers are aware of this, making it easy for them to guess the capitalised letter's position.
6. Using “!” to conform with the symbol requirement
However, if you must use it, don’t place it at the end of your password. Placing it anywhere else in the sequence makes your password more secure.
Protect the confidentiality of your passwords by following these six practices:
1. Create long, phrase-based passwords that exchange letters for numbers and symbols
For instance, if you choose "Honey, I shrunk the kids," write it as "h0ney1$hrunkth3k!d$." This makes your password harder for hackers to crack.
2. Change critical passwords every three months
Passwords protecting sensitive data must be handled with caution because there is a lot at stake if they are compromised. If you use a password for a long time, hackers may have enough time to crack it. Therefore, make sure you change your critical passwords every three months.
3. Change less critical passwords every six months
This necessitates determining which password is crucial and which is not. In any case, regardless of their criticality, changing your passwords every few months is a good practice.
4. Use multifactor authentication
It’s your responsibility to do everything in your power to keep nefarious cybercriminals at bay. One of the best approaches is to barricade them with multiple layers of authentication.
5. Always use passwords that are longer than eight characters and include numbers, letters and symbols
The more complicated things are for hackers, the better.
6. Use a password manager
A password manager can relieve the burden of remembering a long list of passwords, freeing up time for more productive tasks.
Our team can implement a complexity policy and secure password manager for your organisation that not only generates and securely stores strong passwords, but allows for multi factor authentication and customisable levels of access for your team.
Book a free consultation with our team today!
Or call us on 1300 626 243