As cyber security experts, we have a thing or two to say about passwords!
No doubt you’ve been told countless times to use a unique and strong password for all your accounts, but how on earth will you remember them all?
If every house in your street could be unlocked at any time by shouting “123456” at it – those homes wouldn’t stay secure for long. And neither will your online accounts!
As a business, you need to protect sensitive information from cyber threats. It is especially important to prioritise security when remote employees access corporate networks, databases, and other confidential data from different devices.
If a criminal can access your accounts, they could access private information like your bank details, post emails and messages pretending to be from you, and reset all your other account passwords to lock you out. It is a logistical and reputational nightmare when it happens.
The fundamentals of mitigating risk should be:
- Create strong and unique passwords for each account.
- Enable multi-factor authentication whenever possible. This adds an extra layer of security by requiring a second form of verification.
Under no circumstances make your password about you!
- Criminals can find out a lot about you from your social media accounts, so don’t make your password about you.
- Never use your birthday or phone number.
- Don’t use a family member’s name, including your pet!
- Avoid words you’d find in the dictionary. Hackers can use programs to try every word in the dictionary to crack your password.
- Use different passwords for each account.
- Update your passwords periodically.
- Mix in upper and lower case letters, numbers, and special characters.
- Make it long and as random as possible.
- Combine 3 words and mix in numbers and special characters, making it harder to crack, e.g. cake, grass and ukulele could be cakE!Gra55?Ukul3le£*
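The checklist above can be turned into a small checker that a sign-up or password-change form could run. This is an added example, not code from the original post; the 12-character minimum, the tiny word list and the sample personal details are constructed assumptions for illustration.

```python
import re

# Constructed stand-in for a real dictionary / breached-password list.
COMMON_WORDS = {"password", "welcome", "dragon", "monkey", "football", "sunshine"}
# Constructed personal details for an imaginary user (pet name, birthday, phone).
SAMPLE_DETAILS = ["Bella", "1990-04-12", "07700 900123"]
# Undo common character swaps so "P@ssw0rd" is still recognised as "password".
LEET = str.maketrans("013457@$!", "oieastasi")


def letters(text):
    """Lower-case, reverse common swaps, and keep only the letters a-z."""
    return re.sub(r"[^a-z]", "", text.lower().translate(LEET))


def check_password(password, personal_details, min_length=12):
    """Return the checklist rules the password breaks (empty list = passes).

    min_length is an assumed threshold; the article only says "long".
    """
    problems = []
    if len(password) < min_length:
        problems.append("too short")
    classes = (r"[a-z]", r"[A-Z]", r"[0-9]", r"[^a-zA-Z0-9]")
    if not all(re.search(c, password) for c in classes):
        problems.append("missing character class")
    if letters(password) in COMMON_WORDS:
        problems.append("single dictionary word")
    digits = re.sub(r"\D", "", password)
    for detail in personal_details:
        if re.search(r"[A-Za-z]", detail):   # names: compare on letters
            needle, haystack = letters(detail), letters(password)
        else:                                # dates, phone numbers: compare on digits
            needle, haystack = re.sub(r"\D", "", detail), digits
        if len(needle) >= 3 and needle in haystack:
            problems.append(f"contains personal detail: {detail}")
    return problems


if __name__ == "__main__":
    for candidate in ("123456", "P@ssw0rd", "Bella19900412!!", "cakE!Gra55?Ukul3le£*"):
        print(candidate, "->", check_password(candidate, SAMPLE_DETAILS) or "passes")
```

The three-word example from the list passes every rule, while a lone dictionary word with swapped characters and a pet name plus birthday are both flagged.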
We’d really recommend using a password manager. They generate strong passwords and keep track of them using encryption algorithms, doing all the work for you.
“What if my password manager gets hacked?” we hear you ask. Password managers are usually heavily encrypted. Plus, they have an extra layer of protection through two-factor authentication, so every time you log in you also have to submit a verification code sent to your mobile phone.
They can also help to spot fake websites to protect you from phishing attacks, and notify you if your password appears in a known data breach so you can change it straight away.
Act now or regret it later!
If you’d like to chat with us about all our cyber security services, please get in touch with the team today.