The business world these days relies heavily on digital everything, so using technology in your business is nearly as vital as breathing. Though technology can give your business an advantage, we all know cybersecurity has become an increasingly important topic in recent years.
Protecting your passwords is the best, most simple place to start ramping up your cybersecurity. Let's start with the basics: Password protection is simply setting a password to keep your data secure, so only people who have the password can access the information or accounts you're trying to keep safe. But because we use passwords so often, we often overlook how important they are and make careless mistakes. This can lead to security breaches, which is why it's imperative to educate employees about best practices when using passwords.
6 Password Don'ts
Protect the confidentiality of your passwords by following these six password don’ts:
- Don’t write passwords on sticky notes. It sounds logical that writing down a password makes it harder for someone to steal your password online, but the flip side is that it can make it easier to steal your passwords locally.
- Don’t save passwords to your browser. "Would you like to remember that password?" Your web browser is trying to be helpful, but in truth web browsers can easily be compromised by a wide range of malware, browser extensions and other software.
- Don’t iterate your password (for example, Remember1 and Remember2). This is a common practice among digital users, but it's unlikely to protect against sophisticated cyberthreats. Hackers have become far too intelligent and can crack iterated passwords easily.
- Don’t use the same password across multiple accounts. If you do, you're giving cybercriminals a single key to all of your accounts.
- Don’t capitalize the first letter of your password to meet the “one capitalized letter” requirement. Yes, password requirements can be cumbersome. But too many of us capitalize the first letter of our passwords to make our passwords abide by the requirement for one capitalized letter. Hackers are on to this, so it's that much easier for them to guess the password.
- Don’t use an exclamation mark to meet with the symbol requirement! This is the same principle as #5. If you must use the exclamation mark, don’t place it at the end of your password. Put it anywhere else in the sequence to make your password more secure.
6 Password Do's
You've read the don'ts, but what should you do? Protect your passwords with these six password dos:
- Create long, phrase-based passwords that exchange letters for numbers and symbols. For instance, if you choose the phrase "Honey, I shrunk the kids," write it as "h0ney1$hrunkth3k!d$." This makes your password much harder for hackers to crack.
- Change critical passwords every three months. Passwords that protect sensitive data should be handled with extra caution. If you use a password for a long time, hackers may have enough time to crack it. Make sure you change your critical passwords every three months.
- Change less critical passwords every six months. To make sense of #2 and #3 together, you'll need to determine which passwords are crucial and which aren't. In any case, changing passwords every few months is a good practice.
- Use multi-factor authentication. Don't just password protect critical data, but use multi-factor authentication—for example, receiving a code via text message after you log in. This double protection will keep your data extra safe.
- Always use passwords that are longer than eight characters and include numbers, letters and symbols. The more complicated, the better. (As long as you can remember it!)
- Use a password manager. Password manager software can relieve the burden of remembering a long list of passwords, freeing up time for more productive tasks. Need a password manager? Ask us. CHR can help.
Keeping data safe requires constant vigilance and effort. We know it can get complicated. If we can ever help you boost your security and put your mind at ease, please let us know.