Up in the Air: Learn How to Secure Your Wireless Network
July 26, 2016
The Benefits of IT Outsourcing for Small Businesses
August 13, 2016
Show all

How to Create a Strong and Secure Password

Have you ever wondered why your employer makes you change your secure password every 60 days? It’s because they assume you are using that same password on every third-party website you sign up for. More than 50 percent of Internet users repeatedly use the same password on third-party sites despite clear HR guidelines against doing so.

This is of serious concern because an estimated 30,000 websites get hacked daily, which exposes passwords to the entire Internet and, worse, citizens of countries that are very interested in your company’s data. Your company email address and password are the keys these criminals need to infiltrate your company’s network, access sensitive data, and possibly cause massive data and financial loss. The damage to your company’s reputation–and your career–can be devastating…

The key to securing your job and your account is creating a strong password, but, a strong password that you can’t remember isn’t very useful. However, the last thing you want to do is get on your IT person’s bad side by asking for a password reset every day. That won’t be good the next time your printer stops working and you need some tech support.

achieve password upper lower case letters numbers keyboard charactersUse upper and lower case letters, numbers and keyboard characters in your strong, secure password

Most websites now require an 8-character password that isn’t a random number. The difference between brute-force cracking a 7 or 8-character password with numbers and mixed-case is almost 2 years. Adding a special character to this equation adds almost 500 years!


achieve password choose length over complexity

Choose length over complexity for your password

The longer a password is, the harder it is to guess. That’s why PCI and HIPAA Compliance requires up to 14-character passwords, which would take more than 100 years to crack even without special characters.

achieve passwords use a passphrase

Don’t use real words in your strong password

How do I remember these often ridiculous phrases?

It may seem difficult to remember your new secure passphrase, especially since it needs to be changed every 60 days.. However, here are some tricks to the system that will help protect you and your relationship with your IT person at the same time:

  • When you need to change your password, you cannot increment the number at the end but can increment the number at the start, or the middle of the word.

Example: Password1 cannot be changed to Password2, but 1Password can be changed to 2Password

  • Avoid dictionary words by using proper nouns. However, it is not a good idea to use the names of people or pets because they can be easily found on your Facebook page.

Example: Your favorite store 617Neiman

  • The last step is to add at least one special character. Special characters are the symbols above the numbers on your keyboard, including !@#$%^&*()_+.
  • The easiest way to use special characters is to replace them with like characters:

Example: Use 0 or Ø for O, @ for a, $ for s, ! for I, or use parentheses around everything (617Niem@n)

achieve networks get a password manager

Get yourself a password manager

We use Last Pass at Achieve Networks because of its ease of use and price (free).

 

A corporate network may not allow you to use a password manager because they do not have control over where your passwords are stored. If you work for an organization with highly sensitive data, such as the finance industry or for the government, I would not recommend using any password manager.

You should also consider using a password for your mobile device.

achieve networks Don't disclose your password details to ANYBODY

Don’t tell your password to anybody.

 

You wouldn’t leave your front door unlocked or put a key under the doormat if you went on vacation, so why would you stick your password on your monitor at work?

This may seem like a no-brainer, but I have seen plenty of Post-It® Notes stuck right on the monitor with the user’s username and password. As much as we would like to trust the cleaning crew with your credentials, they are not bound by the same contract as full-time vested employees of your company. I do not recommend writing your password down anywhere, but if you need to, don’t write your username on the same paper as your password.

achieve networks be vigilant

Be vigilant

The security issues of free and unsecured Wi-Fi could take up a whole separate article.  Just be aware that any public areas are vulnerable to data leaks. Change your password often, and always be nice to your IT person. 🙂

 

Contact us for knowledgeable network security guidance and support

Achieve Networks builds and maintains rock solid networks with the strongest security available to protect your data. If you are an IT manager or business owner concerned about your data security (and you should be), get a free network audit for your business.

free network audit cta achieve networks

Leave a Reply

Your email address will not be published. Required fields are marked *