With the evolving dependence on technology, both in and out of the workplace, it is imperative to adopt good password practices. These practices play a pivotal role in minimizing your exposure levels and strengthening your security. A recent study revealed that over 550 million stolen passwords have been published on the dark web since 2017. Furthermore, more than 80% of company data breaches were a direct result of weak passwords.
Fortunately, implementing strong password hygiene is easy. Below, we discuss the importance of instilling strong password habits within your business and provide valuable tips on creating and managing strong passwords effectively.
The Importance of Good Password Hygiene
Good password hygiene is a fundamental aspect of maintaining a strong security posture and ensuring the safety of your information. Weak password practices can leave your business vulnerable to potential cyberattacks, resulting in financial losses, compromised data, fraud, or a general loss of productivity. To test the strength of your password, visit security.org/how-secure-is-my-password/ to see just how difficult it would be for hackers to crack it.
By making password security a priority and following the tips below, you can significantly reduce the risk of falling victim to cyberattacks.
1. Use more complex passwords
When it comes to password safety, complexity is crucial. Using simple passwords (pet names, birthday/anniversary, street you grew up on), or leaving default passwords in place (password, admin, 12345, or even blank) are quite dangerous. These types of passwords are easier to guess and often provide an easy entry point for an attack.
A strong password should be challenging to guess and include various characters, as well as a recommended length. This type of password should consist of a mix of uppercase and lowercase letters, numbers, and symbols. For instance, instead of using ‘windows,’ a more secure version would be ‘W1nd0w$678!’ The combination change and the addition of numbers and symbols make it much harder to guess.
2. Maintain multiple passwords across different accounts
Having a single password for all your accounts grants hackers or impersonators access to everything if they guess your password. Although it can sometimes be cumbersome to remember multiple passwords for various accounts, it is highly recommended.
It is important to ensure that these passwords are unique and different. Avoid simply changing one variable, as it can be just as easily guessed. For example, if your password is ‘password,’ the other accounts should not be ‘password1,’ ‘password2,’ ‘password3,’ etc.
There are also several good password managers available, mentioned later in his blog, that help you avoid the hassle of remembering them all.
3. Use memorable words or phases
Instead of relying on random combinations of characters and numbers that are difficult to remember, consider using a few words, a number, and a symbol: ‘CandleBookLight87$.’ Another example would be to abbreviate a phrase like ‘my cat is my favorite pet’ followed by a number and symbol: ‘mcimfp45!’. This creates a very unique but memorable password.
The overall objective is to try and enhance security without driving yourself crazy trying to come up with a million different text strings that you’ll never remember.
4. Optional password vaults
If you find it challenging to remember multiple complex passwords, consider using a password manager or vault. These tools securely store your passwords and can even generate strong, unique passwords for you. Earlier, we mentioned tools that can help manage and store these passwords for you. A few good examples are:
- LastPass – https://lastpass.com
- 1Password – https://1password.com
- KeePass – https://keepass.info
Keep in mind that when adding a password manager, you should consider using one that also offers multi-factor authentication (MFA) for added security. Working with a managed service provider (MSP) can help your business seamlessly implement advanced tools like password management solutions and MFA. They can also assist you in developing and enforcing robust password policies to ensure your business is adequately protected.
CompuData offers IT Security solutions that extend beyond traditional data protection. We offer a comprehensive solution and train your team to help protect you against cyber threats. We take a proactive approach that offers flexibility and scalability to strategically protect your company.