When was the last time you changed your password? And we do say "password" - considering that a survey conducted across the UK and US by Telesign indicated that 3 out of 4 users tend to use one password duplicated across multiple areas. Add to that the fact that over 20% of people use passwords older than ten years, and you're looking at a recipe for a cybersecurity disaster.
So if your password selection strategy sounds anything like the above, it's time to change those passwords, stat! It may sound simple, but a good password strategy is the first step in taking responsibility for the security of your accounts and devices, whether in a personal or professional capacity. So if you're ready to ditch the name of your favourite sports team or the infamous "123456", here are a few best practices for creating more secure passwords.
8 Tips for Creating Formidable Passwords
1. Don't leave your passwords lying about
It's a given that leaving your password on a Post-It stuck to your monitor is a dumb idea. It's also not a great idea to store your passwords in notebooks, spreadsheets or in physical locations where others may be able to access them. You wouldn't leave your house keys or wallet lying about for strangers to nab, so don't leave your passwords out in the open.
2. Choose 2-factor authentication (2FA) personally and professionally
When you use 2-factor authentication, you add another layer to your basic login procedure. These means instead of merely having your username and password, you'll have a second procedure to complete before you gain access to the protected resource or location. 2FA requires users to have 2 out of three credentials before you are granted access (hence the name). These credentials include a pin/password, a phone, fob or atm card and a biometric factor (like a fingerprint).
3. Password protect your mobile devices
With mobile devices as our constant companions, most of us put a pin/password on our devices. But it shouldn't stop there. Don't store your passwords on your mobile device, never share passwords via email, IM or text and never leave your device unattended in public. Additionally, ensure the sensitive material on your device is encrypted and disable apps and options you don't use.
4. Enforce a strong password policy
Ensure that your whole team is in the know and adheres to a password policy in the workplace, preferably an enforced one as far as possible. This is a crucial factor if your company has a liberal BYOD policy, as your employees could be taking sensitive data and company devices out of the office. Let your password policy dictate the length, format and rate of change for all passwords developed.
5. Look into an MDM solution for BYOD devices accessing your network
A mobile device management (MDM) solution benefits your business by allowing you to continue supporting mobile workers and BYOD policies while maintaining control over mobile devices and their security.
6. Consider using password management software
Since we've already established that haphazard password storage isn't ideal, it begs the question, "Where do you store all your passwords then?" Simple. Get password management software, which will allow you to manage and store your passwords.
7. Stay in the know regarding the worst passwords lists
Every year Splashdata releases its compilation of the worst and most common passwords found on the Internet, which gives you a good idea of what to avoid straight off the mark.
8. Create passwords with variation and length
Strong passwords should have variations in upper and lower case letters, symbols, and numbers. They should also exceed 8 characters and contain made-up phrases and avoid complete words. They also need to be changed on a regular basis. If you'd like to test your password's strength, you can use an online checker to put it through its paces.
Don't let security threats take advantage of your password protocols and procedures. Stay ahead of the game and keep your devices and accounts safe.
