Best Password Security Practices
Strengthen Your Password
Discussions surrounding passwords occur from time to time, and for good reason. Throughout our daily lives, there are dozens of accounts associated with our email addresses and/or mobile phone numbers. Whether it is a personal or business account, proper precautions need to be taken and periodically reviewed to ensure these accounts are secure.
This topic stays prevalent because data breaches continue to occur at an ever-increasing pace throughout the tech landscape. Many major corporations, such as Yahoo, Target, LinkedIn, Equifax, and Uber, have had significant data breaches in recent years.
Cybersecurity experts recommend a strong, unique password for several reasons. Chief among them is that new malicious cyber threats compromise websites and online accounts every day. The resulting information may then be posted online in the form of a list of usernames, email addresses, and passwords. It’s bad enough that such posts expose a user’s personal information and credentials for a given online service, but it’s even worse if that user has reused the same username and/or password across many accounts, all of which would then be subject to infiltration (e.g. work-related, personal social media, or banking accounts).
This is why unique passwords matter just as much as strong ones. While a strong password (one consisting of 10-15 characters and including a combination of uppercase and lowercase letters, numbers, and symbols) is highly recommended, uniqueness further prevents a potential lateral compromise of other accounts, should a given password be disclosed outside of the user’s control.
One recommended way to create strong but memorable passwords is to use passphrases (a string of words). For example, “IEnjoyMYJob100%!” or “VFamilyOF4$” or “TV&Wine*Time!”. Instead of using one word or a random string of characters, stringing multiple words together creates a much longer password that is easier to recall, which makes it an excellent method for increasing password strength. Mixing up capitals, along with the usage of numbers and special characters, is always suggested.
As you follow the above recommendations, you should also consider using a password manager (an application that runs on your computer, smartphone, or in the cloud) to help you securely manage and store your passwords. Such managers can even help you generate a strong, random password for each account. Well-known examples of these are LastPass, Keeper, Dashlane, 1Password and Password Boss.
During the login process, you may also notice that Multi-Factor Authentication (MFA) is becoming more common. With MFA, you log in to an account (with your username and password) and are then prompted to provide a time-sensitive code, usually received via a text message, phone call, or an authenticator app on your mobile phone. Although a strong password or passphrase is still a very effective means of securing your accounts, adding a second layer of authentication, like MFA, provides significantly more protection. While it is possible an attacker could have compromised a given account’s password via a data breach, it is very unlikely that they would also have physical access to your phone. The rise in cybercrime requires stronger security measures, and it is recommended to enable and utilize MFA wherever you are able.
Implementing new password and passphrase measures is vital in protecting the increasing amount of personal data that is stored online. While strong, unique passwords and the use of MFA are vital steps in securing your data, if you have any reason to suspect an account has been compromised, it is best to be safe and change your password as soon as possible.
If you are interested in learning more about staying protected, please feel free to contact us at www.EdmundsGovTech.com/IT to see how Edmunds GovTech Managed Services can help your organization.