Getting passwords right can be frustrating. If you think about all of the programs you log in to on a monthly basis, it’s overwhelming. You know that you need to use passwords and that there are people who are constantly trying to break into software. In fact, a lot of hackers run software that is developed specifically to crack passwords by using algorithms that use human behavior to predict what passwords might be.
So while you’ve cleverly developed a couple of passwords that you use, if you don’t use password best practices, you could find yourself hacked. Having said all that, creating a password doesn’t have to be a nightmare. Here’s a list of Dos and Don’ts that can help you formulate some good passwords.
- Use a mix of characters, numbers and upper and lower case letters to create a unique password (i.e. 3Fc*2>kSd)
- Use extreme caution substituting characters for letters (i.e. p@$$word) Some password-cracking software can detect this now
- Use passwords that are longer than 8 characters where you’re able to
- Use random strings of 2-4 words that don't make sense together (i.e. beefFeet512) This is more difficult for software to crack than Adm!n1
- Change your passwords often
- Use your name or the name of your significant other, children or pets
- Use birthdates or other discoverable dates (i.e. anniversaries)
- Use your login your log-in, or any variation of it
- Use only a single word, even foreign (tremendous)
- Use repeating numbers (password111)
- Use your department or company name
- Use words like password or admin
- Use sequential or repeating numbers and letters (i.e. abc123, 5555, bbb222)
Also, you never want to use the same password for all of your accounts. Once a hacker has a username and password, they’ll try it on dozens of popular sites to see if they can gain access to bank accounts, email, PayPal, popular cloud applications and anywhere else they might be able to gain more information about you and your company.
It’s not enough to have a good password. You need to safeguard that password. You can’t write your passwords down and leave them under your keyboard or store them on your phone (especially if you don’t use a lock screen). Try to use something you can remember. If you share passwords with other staff, such as on shared applications, make sure that you have a secure way of working with your team to make sure that nobody else is able to use the password to access information they shouldn’t have.
Finally, you should change your passwords at least every 6 months. It’s better if you can change it once a quarter, but if this creates too many logistical problems, aim for every 6 months.
Milner, Inc provides around-the-clock IT service and support to keep our client’s networks running smoothly and securely. Are your systems protected? Find out with our risk assessment!