The list of passwords we need to remember in today’s world grows longer every day.
Besides your computer, email and social media accounts, think of all the banking, healthcare and other accounts - online or not - that require a password for identification.
One of the best ways for someone to compromise a business system is to start by stealing your password. Passwords are stolen every second of every day and with the increase in cybersecurity breaches each year, it doesn’t look like it will slow down soon.
Many people are not educated in how to create a strong password. Most business owners rely on their staff to create their own passwords, and if the staff isn’t aware of what makes a password really strong, and doesn’t know how to manage passwords, then company security could be at risk.
Many people don’t bother to come up with new and unique passwords and just use the same ones over and over. Splashdata recently published a list of the worst passwords of 2017.
Among the worst offenders (have you guessed already?):
- 12345678
- password
- qwerty
- letmein
- welcome
- starwars
These commonly used passwords make it easy for someone to crack your code and compromise your security. As your password list continues to grow, use the following management tips to keep your passwords both powerful and easy to manage.
Provide A Clear Definition Of “Strong Password”
Strong passwords should be at least 10 to 15 characters long and include a mix of upper and lowercase letters, numbers, special characters and be different from passwords used in the past.
Suggest Unique Passwords For Everything
If you use the same password - strong or not - for all of your accounts, websites and applications, it provides a pattern for cybercriminals to detect. Criminals who break into Facebook or LinkedIn accounts are looking for patterns and trying to figure out how individuals think. If you love your dog and your password includes your dog’s name
- on every account you have - a hacker can puzzle out various combinations of the name with his or her software to obtain your personal and professional information.
Don’t Use Patterns Across Your Accounts
If you like to use a standard password and make small variations among your different sites (commonly called “salting”), it establishes a pattern. If a hacker finds the pattern, it can open up all your passwords at once. For example, if you used the password AdminFB for Facebook and AdminTWTR for Twitter, it won’t take long after the initial code break to establish that Admin is password and you “salt” it with the specific application name every time.
Get Your Staff To Remove Personal Interests
If someone studied your online social presence, would they be able to crack the logical patterns in your passwords? Don’t use names of family members or
especially pets. Remove all references to hobbies, favorite teams and popular culture (as shown above, “starwars” is now on the worst password list!).
Also, be careful with your security questions. If your Facebook page lists where you went to high school, don’t use “What was your high school mascot?” as your security question. A quick internet search and anyone could have the answer.
Password Generators
There are many password generators and managers on the market. Contact your Managed Services Provider (MSP) for their suggestions of the ones that will best suit your needs.
Your TeamLogic IT MSP has experience in helping clients maintain tight cybersecurity and can always provide you with reliable information on planning
[email protected]* P#$$w0rd*s!
Since 2007, TeamLogic IT has become the 36th largest IT service provider globally. Our success is driven through one core mission - to leverage technology for our customers.Thousands of businesses across the US - just like yours here in Wilmington, NC - are taking advantage of our ability to deliver highly available, secure and flexible IT systems. At TeamLogic IT, our philosophy is simple - we work with you the way we'd want someone to work with us. Visit us today in the Port City at 2901 North Kerr Ave., 910-500-1392. If email works best for you, contact me personally at [email protected].
