Terry Cutler – The Ethical Hacker

12 password best practices

Those who know me know how I feel about password best practices. Password protection is imperative in ramping up your cybersecurity. With the business world heavily reliant on digitalization, using technology is unavoidable. Although technology can undeniably give your business an advantage in increasingly competitive markets, there are many troublesome areas to monitor. That is why I want you to know the 12 password best practices.

Setting a password to secure your data is called password protection. Only those with passwords can access information or accounts once data is password-protected. But people overlook their significance and make careless mistakes. This makes it imperative for businesses to educate employees about best practices when using passwords. 

Six Password “Don’ts”

Protect the confidentiality of your passwords by following these six password “don’ts”:

1. Don’t write passwords on sticky notes. Although you may feel that writing passwords improves password protection and makes it more difficult for someone to steal your passwords online, it can make it easier for someone to steal them locally.

2. Don’t save passwords to your browser. Web browsers are terrible at protecting passwords and other sensitive information like your name and credit card number. Web browsers can easily be compromised, and a wide range of malware, browser extensions and software can extract sensitive data.

3. Don’t iterate your password (for example, PowerWalker1 to PowerWalker2). Although this is a common practice among digital users, it is unlikely to protect against sophisticated cyber threats. Hackers are too intelligent and can crack iterated passwords in the blink of an eye.

4. Don’t use the same password across multiple accounts. If you do so, you are handing cybercriminals a golden opportunity to exploit all your accounts.

5. Don’t capitalize the first letter of your password to meet the “one capitalized letter” requirement. Out of habit, most of us tend to capitalize to conform to the “one capitalized letter” requirement. However, hackers know this, making it easy to guess the capitalized letter’s position.

6. Don’t use “!” to conform to the symbol requirement. If you must use it, don’t place it at the end of your password. Putting it anywhere else in the sequence makes your password more secure.

Six Password “Do’s”

Protect the confidentiality of your passwords by following these six password “do’s”:

1. Create long, phrase-based passwords that exchange letters for numbers and symbols. For instance, if you choose “Honey, I shrunk the kids,” write it as “h0ney1$hrunkth3k!d$.” This makes your password harder for hackers to crack.

2. Change critical passwords every three months. We must handle passwords protecting sensitive data with caution. If you use a password for a long time, hackers may have enough time to crack it. Therefore, make sure you change your critical passwords every three months.

3. Change less critical passwords every six months. This necessitates determining which password is crucial and which is not. Regardless of their criticality, changing your passwords every few months is a good practice. 

4. Use multifactor authentication. It’s your responsibility to do everything in your power to keep nefarious cybercriminals at bay. One of the best approaches is to barricade them with multiple layers of authentication.

5. Always use passwords that are longer than eight characters and include numbers, letters and symbols. The more complicated things are for hackers, the better.

6. Use a password manager. A password manager can relieve the burden of remembering a long list of passwords, freeing time for more productive tasks.
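The mechanical parts of the two lists above (don'ts 3, 5 and 6 and do 5) can be checked when a password is changed. The following is an added example, not code from the original post; the function names and finding labels are assumptions, and every sample other than the two passwords quoted in the lists is constructed.

```python
import re
from typing import List, Optional


def _strip_counter(pw: str) -> str:
    """Drop trailing digits so PowerWalker1 and PowerWalker2 share one base."""
    return re.sub(r"\d+$", "", pw).lower()


def audit_password(new: str, old: Optional[str] = None) -> List[str]:
    """Return findings against the rules above; an empty list means none fired.

    `old` is the current password the user typed on the change form, so
    nothing has to be stored in plaintext to make the comparison.
    """
    findings = []
    # Do 5: longer than eight characters, with numbers, letters and symbols.
    if len(new) <= 8:
        findings.append("too-short")
    if not re.search(r"[A-Za-z]", new):
        findings.append("no-letter")
    if not re.search(r"\d", new):
        findings.append("no-number")
    symbols = {c for c in new if not c.isalnum()}
    if not symbols:
        findings.append("no-symbol")
    # Don't 6: "!" is the only symbol, or it sits at the end.
    if symbols == {"!"}:
        findings.append("bang-only-symbol")
    # Don't 5: the single capital letter is the first character.
    if [i for i, c in enumerate(new) if c.isupper()] == [0]:
        findings.append("capital-first-only")
    if new.endswith("!"):
        findings.append("bang-at-end")
    # Don't 3: same base as the previous password, ignoring a trailing counter.
    if old is not None and _strip_counter(new) and \
            _strip_counter(new) == _strip_counter(old):
        findings.append("iterated")
    return findings


if __name__ == "__main__":
    samples = [                            # (new, old)
        ("h0ney1$hrunkth3k!d$", None),     # from do 1
        ("PowerWalker2", "PowerWalker1"),  # from don't 3
        ("Sunshine2024!", None),           # constructed
    ]
    for new, old in samples:
        print(new, "->", audit_password(new, old) or "no findings")
```
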

Need a password manager? We can help

Adhering to password best practices requires constant vigilance and effort on your part. As a result, it is best to work with an expert managed service provider (MSP) like us who can help you boost your security and put your mind at ease. Contact us at CyologyLabs.com for a no-obligation consultation.

If you’re a business owner, VP of IT or IT director and want to know if your passwords are leaking onto the DarkWeb, then please visit www.cyologylabs.com/darkweb for your free assessment.

If you’re a consumer and want to learn how to protect yourself online, then please visit www.InternetSafetyUniversity.com for our free masterclass.

Finally, don’t forget to download our mobile app FRAUDSTER, available on Apple and Android. You can learn more at www.FraudsterApp.com.
