Today is World Password Day! The modern password needs to be more complex than many people assume. Whether it is to check our bank accounts, pay bills, or check our email and social media feeds, you must provide your login credentials before access is granted.

A proper password philosophy is all about making unique, strong passwords for every login. Keeping up with multiple passwords can be frustrating, especially with login requirements becoming more complex in today’s landscape.

Here are some tips for creating strong passwords and how to keep them safe.

What makes a password “acceptable?”

Many websites and apps set requirements you must meet to create an account. Typical requirements include, but are not limited to:

  • Being at least 6-10 characters long
  • Must include uppercase and lowercase letters
  • Must include non-alphanumeric characters (such as symbols)

You may also be required to create a special passphrase or answer a security question in case you forget your password. Be as creative with your passwords as possible so they are not easily guessable, but not so random that you cannot remember them. Using passphrases and acronyms that are unique to you is also a good practice.

Whatever you do, do NOT fall into these pitfalls when making your login passwords:

  • Use actual names, places, or recognizable things. This includes pet names, high schools, birth dates, anniversaries, or even previous online handles.
  • Use a simple character sequence. Some of the most used passwords are simple keyboard sequences such as “123456” or “qwerty.” Simple numerical sequences on your 10-key pad should be avoided as well, such as “7410” or “789456.”
  • Use easy, common phrases. We mentioned using passphrases but make sure they are not simple ones such as “iloveyou” or “mondaynightfootball.”
  • Continue using the default passwords given upon sign-up. Some logins will provide a password for you but do not automatically require you to change it upon login. Always change these default passwords, such as a default Wi-Fi password when you install a new modem or router.
  • Use the same passwords for multiple logins. This is a doozy. You need unique passwords for EVERY login, as using the same passwords for multiple sites makes you vulnerable should one of those sites get breached. If one is compromised, they are all potentially compromised.
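
The requirements and pitfalls above can be turned into an automated check. The following is an added example, not part of the original article: the 10-character minimum, the 50% threshold, the short deny-list, and the names `walk_coverage` and `check_password` are assumptions made for illustration.

```python
import re

MIN_LENGTH = 10  # assumption: upper end of the article's "6-10 characters"
WALK_THRESHOLD = 0.5  # assumption: flag when half the password is key runs
# Deny-list built from the examples the article names (not a real breach list).
COMMON = {"123456", "qwerty", "iloveyou", "mondaynightfootball"}
# Keyboard rows, the digit row, and 10-key pad rows and columns.
KEY_RUNS = ["qwertyuiop", "asdfghjkl", "zxcvbnm", "1234567890",
            "789", "456", "123", "7410", "8520", "963"]
RUNS = KEY_RUNS + [r[::-1] for r in KEY_RUNS]


def walk_coverage(pw):
    """Fraction of pw made of 3+ character runs along a key row or column."""
    s, i, covered = pw.lower(), 0, 0
    while i < len(s):
        best = 0
        for n in range(len(s) - i, 2, -1):  # longest candidate first
            if any(s[i:i + n] in run for run in RUNS):
                best = n
                break
        covered += best
        i += best or 1
    return covered / len(s) if s else 0.0


def check_password(pw, personal=(), other_passwords=()):
    """Return the article's pitfalls that pw falls into (empty list = none)."""
    low, problems = pw.lower(), []
    if len(pw) < MIN_LENGTH:
        problems.append("too short")
    if not (re.search(r"[a-z]", pw) and re.search(r"[A-Z]", pw)):
        problems.append("needs uppercase and lowercase letters")
    if not re.search(r"[^A-Za-z0-9]", pw):
        problems.append("needs a symbol")
    if low in COMMON:
        problems.append("common password or phrase")
    if walk_coverage(pw) >= WALK_THRESHOLD:
        problems.append("keyboard sequence")
    if any(len(p) >= 3 and p.lower() in low for p in personal):
        problems.append("contains a personal detail")
    if pw in other_passwords:
        problems.append("reused on another login")
    return problems


if __name__ == "__main__":
    # Constructed sample inputs.
    for pw in ["789456", "Rex2015!", "Tr1cky-Harbor_Lamp!"]:
        print(pw, "->", check_password(pw, personal=["Rex", "2015"]))
```

An empty result only means none of these specific pitfalls were found; it does not replace using a unique password for every login.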

You have so many passwords now. How should they be preserved?

In this age of cyber-crime and identity theft, keeping your passwords on a pad of paper, sticky notes, or an online document just won’t cut it, no matter how indecipherable you might think they are. Even worse, depending on your organization, leaving login credentials out in the open could count as a HIPAA violation, which may incur a hefty fine.

No. Just no. Keep your logins archived in a secure place or consider using a password manager for your logins.

Are password managers safe to use?

Password managers keep your logins under one encrypted roof and generate strong passwords to insert automatically when logging into different websites. Password managers only require you to recall one master password for sign-on and give you the ability to maintain all your login credentials.

It’s understandable to have reservations about having a “master key” to your logins in the hands of a third-party company. Most password managers encrypt and store your master password locally, not on a remote server. If it is on a server, it's not readable by the company. Many password managers such as LastPass and Dashlane have free versions but offer additional features for paid accounts such as secure file storage, Multi-Factor Authentication, and VPN capabilities. It's best to research your options to determine which is the best password manager solution for your business.

Gone are the days of thinking that using only letters for passwords is enough and that it’s safe to share them across sites. Make sure that you are going the extra mile in protecting your passwords for every login.

neoRhino’s certified IT 24/7 helpdesk squad is here to help strengthen your online defenses. Contact us or give us a call at (281) 779-4850; we are open and here for your business during these trying times and beyond.
