Password Maintenance 101
Be honest with yourself. How long has it actually been since you last updated your passwords?
If you’re like the majority of Americans, password maintenance is not the first thing that comes to your mind everyday when you head into the office. In fact, it’s probably one of the last, and even if it does cross your mind, it’s probably something you keep moving to the bottom of your to-do list.
In a report from LastPass, the password management service, 51% of users rely on their memory to keep track of passwords, while 65% always or mostly still use the same password or a variation. The most disheartening aspect of this is that an overwhelming majority of those same people consider password security to be a highly important issue.
The addition of hybrid work has only exacerbated the nonchalance people have in regard to their passwords, with 47% not having changed their online security habits while working from home. Likewise 46% have not updated their password’s strength while working from home, and just under 50% have admitted to sharing sensitive information including passwords for professional accounts while working from home.
What can be done about passwords and how can you maintain them to make sure you are as secure as possible on any network you join whether it be at work, home, or anywhere else?
Why you need a strong password
Hackers can easily crack your password
It is surprisingly easy for a hacker to break into a company's directory, and from there, they can gain access to your password(s). They even have the means to crack your encoded password in seconds.
You can’t afford to have your credentials accessed
A person's online credentials are some of the most important information they have, and when a hacker gets access to them, it can be catastrophic for a company. Depending on their level of access, hackers can find out all they need to take your company’s employees and turn their lives upside down.
A recent GreatHorn report showed which company departments get targeted the most with Finance being targeted nearly 60% of the time. IT and HR are targeted for a combined 29% and the CEO came in at 22%. Credentials obtained from any one of these departments could be devastating to the employees whose vital information is accessed by a hacker.
How to create a strong system of protection for passwords
Use Multi Factor Authentication (MFA)
One of the most important things you can do to protect your passwords is use MFA. Needing to pass through the multiple stages can be tedious and time consuming, but it is absolutely worth it for the added protection it gives you and your information.
Enabling MFA makes it much harder for hackers to break in than if they only need one password. Plus, it allows you to be alerted in the event an attempt is made on one of your accounts.
It also acts as a fail-safe in case you forget one of your passwords since you can access your account through another trusted means.
Make unique passwords for each account and device
It is incredibly important that each password or passphrase you use is different from any of the other ones you use. If all them are the same or have a base element that is used across them, it makes it that much easier for hackers to gain access to them all.
Even if they initially gain access to just one, they can infer that all the others might have aspects in common, so don’t even give them that opportunity.
Use a password manager
Password managers can be a safe way to help you keep track of your passwords. They often need a master password that is significant in length and is difficult to crack. Some of the most common and effective password managers are
Update them frequently
It’s a best practice for password safety to update them every 1-2 months. This way, you are not holding on to old passwords that have been around for enough time for hackers to easily find them.
Think of this practice like a change in security that keeps your team of passwords fresh and ready for anything that comes their way. It is much harder to break into whatever they are protecting if they are always new and up to date.
It also helps you stay in the habit of changing them since it will be on your mind compared to if you never updated them.
Use Passphrases
A much better way to keep your information protected is to use passphrases, but what is a passphrase and how is it different from a password?
Well, much like their root words, a passphrase consists of multiple words that can make up a long sentence while a password is more singular in nature. Therefore, it makes sense that it is easier for a hacker to break through one word versus going through many in a row. Here’s an example of how a password can be turned into a passphrase.
The original password can be: bikerider35
The updated passphrase might be something like: Iridemybikefor35minutesaday
The difference is huge since a hacker can easily run code for a single alphanumeric password, but when you turn that into a sentence that might contain numerous words, numbers and symbols, it makes it exponentially harder to break.
You’ll definitely want to pair this tip with a password manager, unless you have a photographic memory.
More tips and tricks
Do not put your passwords in a place that can be physically accessed like a notebook or journal
Make a password as long as you can possibly remember (at least 8 characters is a good baseline)
Use a combination of uppercase letters, lower case letters, numbers, and special characters for every password you make
Avoid using common dictionary words, names and special dates such as anniversaries or birthdays
If you think your password may have been compromised, change it immediately and check your other accounts.
At work, change your password immediately, and then call your company’s IT Security
Protecting your passwords is one of the simplest and most effective ways for keeping ahead of malicious digital criminals. Unfortunately, you can’t always protect yourself online. Enlisting a dedicated managed IT service provider like Kotman Technology can ensure your company, and its employees, have the proper training and protection.
Kotman Technology has been delivering comprehensive technology solutions to clients in California and Michigan for nearly two decades. We pride ourselves on being the last technology partner you'll ever need. Contact us today to experience the Kotman Difference.