Cybersecurity worries? Best practices for passwords
You know you're a cybersecurity comms specialist when you help your 14-year-old son set up his new laptop, and instead of choosing a fairly generic password, he automatically deploys the latest cybersecurity best practice techniques and creates a password that does you proud!
Cybersecurity is crucial. We know that. Cyber criminals keep getting better at finding their way around defences, which means there's a constant need to evolve and find ways of fortifying them to keep our data safe.
None of that will be new information to you, I'm sure. So, instead of wittering on, I'm just going to give you a list of current best practices for passwords, in the hope that you might find it useful in keeping yourself and your sensitive information safe from hackers. You can find more details about each topic on the latest blog on my website.
Choose passwords that aren't easily guessed.
Yep, there are STILL muppets out there who choose their mother's maiden name, their cat's name or even "password". The National Institute of Standards and Technology recommends that passwords are AT LEAST eight characters in length, and you should refrain from using sequential numbers or repeated characters. A combination of upper and lower case letters, numbers and symbols works well.
For example: Gu355Th!sSuCK3Rs!
Avoid password repetition across different platforms.
With so many different platforms requiring digital security, it can be extremely tempting to use the same password, or variations of the same password, across them all. The trouble is that if the password becomes compromised on one platform, all of your other accounts are also at risk. Hackers will simply attempt to access accounts on a wide range of other common platforms, using the same credentials. And it’s not enough to just use variations of the same password, since hackers will easily be able to guess and try these too.
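The rules from the two sections above as a small Python check, added here as an illustration and not part of the original article. The word list, the look-alike substitution table, the three-in-a-row thresholds and the function names are assumptions made for the example.

```python
import re

# Constructed sample of easy guesses; a real check would use a large breached-password list.
COMMON = {"password", "qwerty", "letmein", "123456"}
# Assumed substitution table for look-alike symbols and numbers.
LEET = str.maketrans("013457@$!", "oieastasi")


def skeleton(pw: str) -> str:
    """Base word of a password: lower-cased, trailing digits/symbols
    dropped, look-alike substitutions undone, letters only."""
    core = re.sub(r"[\d\W_]+$", "", pw.lower())
    return re.sub(r"[^a-z]", "", core.translate(LEET))


def has_sequence(pw: str, run: int = 3) -> bool:
    """True if `run` neighbouring digits count up or down (123, 987)."""
    for i in range(len(pw) - run + 1):
        chunk = pw[i:i + run]
        if chunk.isdecimal():
            steps = {int(b) - int(a) for a, b in zip(chunk, chunk[1:])}
            if steps in ({1}, {-1}):
                return True
    return False


def check_password(pw: str) -> list[str]:
    """Return the rules from the text that `pw` breaks (empty list = none)."""
    problems = []
    if len(pw) < 8:
        problems.append("shorter than 8 characters")
    if has_sequence(pw):
        problems.append("sequential numbers")
    if re.search(r"(.)\1\1", pw):  # assumed threshold: same character 3 times in a row
        problems.append("repeated characters")
    if pw.lower() in COMMON or skeleton(pw) in COMMON:
        problems.append("easily guessed")
    kinds = (r"[a-z]", r"[A-Z]", r"\d", r"[^A-Za-z0-9]")
    if not all(re.search(k, pw) for k in kinds):
        problems.append("missing a character type")
    return problems


def is_variation(a: str, b: str) -> bool:
    """True if two passwords reduce to the same base word."""
    return skeleton(a) == skeleton(b) != ""
```

A password such as `P@ssw0rd!` has every character type yet is still reported as easily guessed, and `is_variation` shows why swapping symbols or changing the number at the end does not make a reused password different.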
Update your passwords regularly.
After all, it’s harder to hit a moving target! Ideally you should aim to update your passwords at least every 3 months, although more frequently isn’t necessarily a bad thing. This practice can also neutralize the dangers that come from having your password exposed in a data breach.
Enable Multi-Factor Authentication.
Multi-factor authentication, or MFA, may seem like a faff, but it can reduce the risk of unauthorized access. MFA, sometimes also called two-factor authentication, is where you need to verify your identity in more than one way before you can gain access. For example, the platform you are using may send a text with a code to your mobile phone that you need to input before you can log in. It also provides a warning if someone tries to hack into your accounts, so you can take action to secure them.
Never share passwords.
This should be obvious, but I’m saying it anyway. And ideally you should never write them down anywhere either. Read about password managers below for the best way to store your passwords.
Don’t save your passwords onto shared devices.
Again, it should be obvious, yet countless people every year choose to save their passwords on shared devices like company laptops or library computers, giving potential hackers access to their sensitive information.
Consider using a password manager.
Password managers provide you with a secure space on your device or in your cloud to store and retrieve your passwords and other sensitive information. All passwords are encrypted and secured in a vault that is protected by a master password that only you know. Some password managers also deploy MFA or even biometric authentication (fingerprint access) as additional security. All password managers use some sort of encryption process to protect your information.
Remember, no password is 100% guaranteed to be safe, but following these best practice guidelines could help you to tighten up your cyber defences and reduce your risk of being the victim of a hack attack in the future.