The humble password has been around for centuries and still acts as the first line of defense against hackers. From the very beginning, the purpose of a password has been to protect information. Now that almost everything we work with is online, it is more important than ever to make sure the one string of digits and letters that protects all this material is extremely secure.
Many people today would prefer to keep up with one simple password for their multiple accounts, making it easier to remember and faster to log in. This actually opens the door to all sorts of trouble. What’s worse is that you may not be the only one put in jeopardy by this weak security; if a hacker or phisher is able to crack your password and obtain your account info, they might be able to access other important accounts or even your work’s network. Putting your company at risk because of a weak password is easily avoidable. Here are some ways to improve password security:
Change Passwords Regularly
While it may be a little excessive and unrealistic to change all the passwords of your numerous accounts on a month-to-month basis, it is logical to change your passwords every year to ensure the security of your accounts. You should also be changing your password if any of these situations arise:
- After a service discloses a security incident
- There is evidence of unauthorized access to your account
- There is evidence of an attempt to log in to your account from an unknown location or device
- There is evidence of malware or other compromise of your device
- You shared access to an account with someone who is no longer using the login
- You logged into an account on a shared or public computer
Use Combinations of Characters
We all know it’s never fun to see accounts telling us that
“passwords must have:
- Eight characters
- One symbol
- One number
- One uppercase
- One lowercase”,
but hey, they’re not wrong. Yeah, the extra steps might be a little annoying and take a couple more seconds of your time, but doing so adds more variables that can make it harder for hackers to access your account. I don’t know about you, but I would much rather deal with the annoyance of a complex password than the annoyance of a data breach.
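As an added example (not part of the original article), the Python sketch below checks a password against the five rules quoted above and estimates how much the extra character classes enlarge the brute-force search space. The function names are hypothetical; treating "symbol" as ASCII punctuation and "eight characters" as a minimum of eight are assumptions.

```python
import math
import string

# The rules quoted in the article. Assumptions of this example:
# "symbol" means ASCII punctuation, "eight characters" means at least eight.
MIN_LENGTH = 8
CLASSES = {
    "one lowercase": string.ascii_lowercase,
    "one uppercase": string.ascii_uppercase,
    "one number": string.digits,
    "one symbol": string.punctuation,
}

def unmet_rules(password):
    """Return the quoted rules that the password does not satisfy."""
    missing = []
    if len(password) < MIN_LENGTH:
        missing.append("eight characters")
    for rule, alphabet in CLASSES.items():
        if not any(ch in alphabet for ch in password):
            missing.append(rule)
    return missing

def search_space_bits(password):
    """Upper bound on brute-force work in bits: length * log2(pool size).

    The pool is the union of the character classes the password uses;
    characters outside the four classes (spaces, non-ASCII) are ignored.
    This models an attacker trying every string over that pool, so a
    dictionary word scores the same as a random string of equal shape.
    """
    pool = sum(len(alphabet) for alphabet in CLASSES.values()
               if any(ch in alphabet for ch in password))
    return len(password) * math.log2(pool) if pool else 0.0

if __name__ == "__main__":
    # Constructed sample passwords, for illustration only.
    for candidate in ("sunshine", "Sunsh1n!", "Ab1!"):
        print(candidate, unmet_rules(candidate),
              round(search_space_bits(candidate), 1))
```
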
Use Passphrases Instead of Passwords
A passphrase is pretty self-explanatory. Instead of a string of characters, a passphrase is exactly what it sounds like – a phrase used for a password. For example, someone could use the passphrase “Be the change you want to see in the world.” A passphrase can also contain symbols and doesn’t have to be a proper sentence or grammatically correct; the main point is that a passphrase is:
- Easier to remember – It is always easier to remember a lyric to your favorite song or a memorable quote than it is to remember a string of random symbols.
- Harder to crack than an average password – There are now state-of-the-art hacking tools that are able to crack even the most complex password, but even the most advanced cracking tool won’t be able to guess or pre-compute these passphrases.
Just make sure that the phrase you choose is not so common or popular that it can easily be guessed by someone who knows you.
Use Multiple Factors of Authentication (MFA)
There have been many instances where companies could have avoided a breach by using multi-factor authentication (MFA). Multi-factor authentication (sometimes called two-factor authentication) is a security feature that requires more than just your username and password to access your account. After entering your username and password, MFA requires a second piece of information, such as:
- Security questions (e.g. “What is your mother’s maiden name?” or “What was the name of your first pet?”)
- One-time text/call code
- Fingerprint scan
Multi-factor authentication and two-factor authentication are great ways to keep your passwords strong and essentially safeguard your accounts from potential breaches.
Hide Physical Evidence of Passwords
In an environment where passwords are updated regularly, it might seem convenient to write the current one on a sticky note and put it on a monitor or in an unlocked desk drawer for reference until it changes again. In reality, this could be a massive security hole if someone were to walk into the office space looking for data to steal. Nowadays there are plenty of apps that safely store and retrieve your passwords for you. Some good ones are:
Don’t Share Passwords
By granting anyone permission to use your credentials, you are compromising the security of your accounts. From the moment they have access, you have no idea what they will do with your account details or whom they might share them with. By keeping your information private, not only are you making sure that your personal information is secure, but you’re also keeping yourself from potential responsibility for malicious acts someone could commit with your account. If someone were to hack into your account and commit a mischievous act, you could and probably would be held accountable.
Take these tips into consideration the next time you create a new password or change an old one. Taking the extra steps to ensure the strength of your passwords will result in extra security for your accounts and your company.