Password best practices


With today’s business world reliant on digitalization, using technology in your organization is unavoidable. Technology can undeniably give your business an advantage in competitive markets, but it also brings many troublesome areas that call for password best practices.

Password protection is the best place to ramp up your cybersecurity. Setting a password to secure an entity’s data is called password protection. Only those with the password can access the information and accounts, so a password that falls into the wrong hands can lead to a security breach.

This makes it imperative for businesses to devise strategies to educate employees about best practices when using passwords.

Six Password “Don’ts.”

You can protect the confidentiality of your passwords by following these six password “don’ts”:

1. Don’t write passwords on sticky notes

Although you may feel that writing passwords down improves password protection and makes it more difficult for someone to steal your passwords online, it can make it easier for someone in your office to steal them.

2. Don’t save passwords to your browser

Web browsers are terrible at protecting passwords and other sensitive information. Hackers can easily compromise web browsers, and a wide range of malware, browser extensions and software can extract sensitive data from them.

3. Don’t iterate your password (for example, PowerWalker1 to PowerWalker2)

Although this is a common practice among digital users, it is unlikely to protect against sophisticated cyber threats. Hackers can crack iterated passwords in the blink of an eye.

4. Don’t use the same password across multiple accounts

If you do so, you are handing cybercriminals a golden opportunity to exploit all your reserves.

5. Don’t capitalize the first letter of your password to meet the “one capitalized letter” requirement

Out of habit, most of us capitalize the first letter of our passwords to conform to the “one capitalized letter” requirement. However, hackers know this, which makes the position of the capital letter easy to guess.

6. Don’t use “!” to conform to the symbol requirement

However, if you must use it, don’t place it at the end of your password. Putting it anywhere else in the sequence makes your password more secure.

Six Password “Do’s.”

1. Create long, phrase-based passwords that exchange letters for numbers and symbols

For instance, if you choose “Honey, I shrunk the kids,” write it as “h0ney1$hrunkth3k!d$.” This makes your password more challenging for hackers to crack.

2. Change critical passwords every three months

We must handle passwords protecting sensitive data with caution because there is much at stake if we compromise them. If you use a password for a long time, hackers may have enough time to crack it. Therefore, make sure you change your critical passwords every three months.

3. Change less critical passwords every six months

Determine which passwords are crucial and which are not. Regardless of their criticality, changing your passwords every few months is a good practice. 

4. Use multifactor authentication

It’s your responsibility to do everything in your power to keep nefarious cybercriminals at bay. One of the best approaches is to barricade them with multiple layers of authentication.

5. Make passwords longer than eight characters and include numbers, letters and symbols

The more complicated things are for hackers, the better.

6. Use a password manager 

A password manager can relieve the burden of remembering a long list of passwords, freeing time for more productive tasks. 
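
The check below is an added example, not part of the original article: a Python function that flags the habits named in the two lists above (iterated passwords, reuse, a capital only in first position, “!” as the lone or trailing symbol, and the length and character-mix rule). The function name, its parameters and the finding labels are assumptions made for illustration.

```python
import string

def _stem(password):
    # Drop a trailing counter such as the "1" in "PowerWalker1".
    return password.rstrip(string.digits).lower()

def audit_password(candidate, previous=None, used_elsewhere=()):
    """Return a label for each listed habit that `candidate` shows.

    `previous` and `used_elsewhere` are hypothetical inputs: the password
    being replaced and passwords already used on other accounts.
    """
    findings = []
    # Don't 3: same stem as the old password, only the number changed.
    if previous and candidate != previous and _stem(candidate) \
            and _stem(candidate) == _stem(previous):
        findings.append("iterated")
    # Don't 4: identical to a password used on another account.
    if candidate in used_elsewhere:
        findings.append("reused")
    # Don't 5: the only capital letter is the first character.
    if [i for i, ch in enumerate(candidate) if ch.isupper()] == [0]:
        findings.append("capital-first-only")
    # Don't 6: "!" is the only symbol, or it sits at the very end.
    symbols = {ch for ch in candidate if not ch.isalnum()}
    if symbols == {"!"}:
        findings.append("bang-only-symbol")
    if candidate.endswith("!"):
        findings.append("trailing-bang")
    # Do 5: longer than eight characters, with numbers, letters and symbols.
    if len(candidate) <= 8:
        findings.append("too-short")
    if not any(ch.isdigit() for ch in candidate):
        findings.append("no-digit")
    if not any(ch.isalpha() for ch in candidate):
        findings.append("no-letter")
    if not symbols:
        findings.append("no-symbol")
    return findings

if __name__ == "__main__":
    # The first two values come from the article; the third is constructed.
    print(audit_password("h0ney1$hrunkth3k!d$"))
    print(audit_password("PowerWalker2", previous="PowerWalker1"))
    print(audit_password("Summer2024!"))
```

An empty list means none of the listed habits were found; it does not measure how hard the password is to guess.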

Adhering to password best practices requires constant vigilance and effort on your part. As a result, it is best to work with experts like Cyology Labs who can help you boost your security and put your mind at ease. Contact us for a no-obligation consultation.

Terry Cutler

I’m Terry Cutler, the creator of Internet Safety University, an educational system helping to defend corporations and individuals against growing cyber threats. I’m a federal government-cleared cybersecurity expert (a Certified Ethical Hacker), and the founder of Cyology Labs, a first-line security defence firm headquartered in Montréal, Canada. In 2020, I wrote a bestselling book about the secrets of internet safety from the viewpoint of an ethical hacker. I’m a frequent contributor to National & Global media coverage about cyber-crime, spying, security failures, internet scams, and social network dangers families and individuals face daily.