Happy World Password Day! Actually, it was last week, on May 4th. Did you celebrate? It's not too late. The purpose of the day is to bolster cybersecurity by reminding people to update and strengthen their passwords. A good idea given that a new report reveals that 81% of hacking-related data breaches can be traced to weak and/or stolen passwords. Are you doing what you can to protect yourself and your business?
Password Best Practices - 6 Tips
1. Make your password unique and interesting. The tendency to simplify your passwords and repeat them makes them prone to attack. If you're going to have a security system, you want it to work, right? Effective passwords are sufficiently long (8 or more characters) and combine upper and lowercase letters along with numbers and symbols.
2. Don't repeat. Do not use the same password for more than one site. If you do, when one password is stolen it can be used to compromise more than one account. Think of a system that makes sense to you, but is not easily guessed by others, to vary your passwords.
3. Protect your password. No, a sticky note in your desk drawer or on your monitor is not sufficient. If you must write down your password, don't save it electronically. If your computer is hacked, then you've just given the criminal access to all your accounts when he stumbles on your "my passwords" document. Store any written passwords in a secure location, like a safe.
4. Employ two-factor or multi-factor authentication (2FA/MFA). Adding an extra step to your log-in credentials bolsters your protection. It might be a fingerprint, a pin sent to your phone, or a security question you need to answer. Stolen credentials may become useless to a thief if you have this extra layer of protection. Check your account settings and add MFA if it's available.
5. Watch what you share online. Giving the world insight into your personal life on social media or elsewhere can make passwords and answers to security questions easier to guess. It also gives cybercriminals information to launch effective spear phishing attacks. Oversharing equals more exposure to cybercrime.
6. Change your password (maybe). The thinking on the value of regular changes to passwords has evolved. You should change your password if you are going to strengthen it, but changing it too often may result in weaker passwords or repeat passwords if your creativity and patience runs short. Of course, if there's an event that suggests your password may have been compromised, by all means, change it.
Someday (hopefully soon) passwords will be passé and new technologies will replace this security tool. But, while passwords function as a line of defense between hackers and private data, it's wise to take commonsense steps to make them strong.