Cyberattacks have affected hundreds of businesses around the world. The consequences of a security breach or data theft incident extend beyond financial losses. Beyond the reduction in revenue and profits, businesses often have to deal with the dent in brand image for a long time. More often than not, password theft or hacking is one of the primary forms of cyberattacks and breaches. Hackers use backdoor passwords to infect systems, networked devices and resources, and that could lead to a domino effect within the organization. In this post, we are sharing top tips to create strong passwords.
- Create long passwords. Gone are the times when a 6-character password was considered adequate. For business and personal products, accounts and devices, passwords need to be at least 10 characters. Long passwords are hard to crack – period.
- Avoid the obvious. If required, use a password that is complete nonsense. Using personal or business details in any form can be a big mistake, because hackers expect users to do so. Do not use any information that is easy for you to remember for personal reasons.
- Consider a mix. Strong passwords should include uppercase & lowercase letters, numbers, and special characters. For instance, you could replace your ‘a’ with ‘@’. These are small ways of ensuring that your passwords are hard to guess and crack.
- Use a password management tool. Every employee probably has to deal with a bunch of passwords on a regular basis, and it is rather unfair to expect them to remember them all. Check for password management tools and recommend one. These tools allow users to create and retrieve passwords as required, without guessing or having to write things down.
- Never reuse passwords. Always ensure that passwords are new and not similar to or the same as old ones. Reusing passwords is the biggest mistake employees make, often because these are easy to remember. Every time you set a password, it has to be unique and completely dissimilar to others.
- Change passwords frequently. It is also wise to change passwords at least once every three to four months. If your employees are not doing that, you can set a validity period for passwords, so that at the end of the period the system automatically prompts them to change the current one.
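The length, character-mix, personal-detail and reuse rules from the list above can be checked at the moment a password is set. The following is an added example, not part of the original post; the function names, the similarity threshold and the sample values are assumptions constructed for illustration. It reverses common substitutions such as '@' for 'a' before comparing, so a swapped character alone does not hide a name or an old password.

```python
import difflib
import re

MIN_LENGTH = 10  # minimum length given in the post

# Common substitutions are reversed before comparing (assumed mapping).
LEET = str.maketrans({"@": "a", "4": "a", "0": "o", "1": "l", "3": "e",
                      "$": "s", "5": "s", "7": "t", "!": "i"})


def normalize(text):
    """Lowercase, reverse substitutions, and keep letters only."""
    return re.sub(r"[^a-z]", "", text.lower().translate(LEET))


def check_password(password, personal_details=(), old_passwords=(),
                   max_similarity=0.6):
    """Return a list of rule violations; an empty list means it passes.

    old_passwords is expected to hold the current password as typed by the
    user during a change; stored history should be hashes, which only
    support exact-match checks.
    """
    problems = []
    if len(password) < MIN_LENGTH:
        problems.append("too short")
    classes = (r"[a-z]", r"[A-Z]", r"[0-9]", r"[^A-Za-z0-9]")
    if not all(re.search(c, password) for c in classes):
        problems.append("missing character class")
    norm = normalize(password)
    for detail in personal_details:
        d = normalize(detail)
        if len(d) >= 3 and d in norm:  # ignore fragments too short to matter
            problems.append("contains personal detail")
            break
    for old in old_passwords:
        ratio = difflib.SequenceMatcher(None, norm, normalize(old)).ratio()
        if password == old or ratio >= max_similarity:
            problems.append("too similar to old password")
            break
    return problems


if __name__ == "__main__":
    # Constructed sample values, not real credentials.
    print(check_password("M@ri@Lopez2024!", personal_details=["Maria"]))
    print(check_password("Tr0ub4dor&Horse10", old_passwords=["Tr0ub4dor&Horse9"]))
```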
Finally, consider multifactor authentication, if required, for selected accounts. For certain resources, networked devices and accounts, a strong password is not always enough.