Six Quick Actions You Can Bring To Your Next Meeting
While IT managers and team leaders work on password policies and security defenses behind the scenes, it’s also important to be able to provide employees with user-friendly practices to enhance cyber security. Keeping password safety a common conversational topic can help folks make good choices with their daily habits, which can have positive effects down the line.
Here are six tips you can give your employees for password safety:
Common words make weak passwords. Avoid everything from single, simple words like “password” to common phrases like “LoveMyDog”. Additionally, avoid using your own name, your pet’s name, and your birthday. Using your personal information can make it easy for some types of cybercriminals to access your accounts. Instead, think a little outside the box.
Statistically speaking, a longer password is a safer password, as it’s more characters for a cybercriminal or a computer to guess. Most systems these days have a minimum of 8 characters, but sometimes also have a maximum character count. It’s unrealistic to ask users to remember a string of random characters, so finding a memorable, unique phrase is a better path. To assist you – don’t be afraid of the spacebar! You can use a space as a character, in order to help break up your passphrase and increase the length while making it more memorable for you!
(Louder for the people in the back!) Password reuse is one of the most common habits among users and it is responsible for many, many cyber incidents. Stop using one password for all your accounts—and this includes using a ‘root’ password and then making tiny changes to it to satisfy requirements for a changed password. Computers can guess these predictable patterns very easily. And if you have the same password for multiple accounts, you’re making it very straightforward for threat actors to move seamlessly from your social media to your bank account to your work login.
It turns out that forcing people to change their passwords after a certain period, while a long-accepted practice, actually backfires. So unless you know your password has been compromised, don’t worry about changing it so frequently—it can have the knock-on effect of creating weak passwords, or reusing old ones (see the above!).
If you’re on board with the need to have unique, strong passwords for each account, and you’re ready to leave password reuse behind, consider using a password manager. It can help you avoid the need to remember 20+ individual passphrases for each login, and help secure your identity across personal and professional boundaries.
Good security is about layers. If it’s available, use it. By implementing MFA, you can do yourself a massive favor. If your password does become compromised, having MFA enabled can buy you time and secure your account. Ensuring you have MFA, especially for your more sensitive accounts, is a smart move—even if it does feel mildly irritating at times. Consider using secure authenticator apps instead of relying on one-time text codes to save yourself time and hassle.
While these techniques are helpful for individual approaches to strong password habits, organizations of all types should not leave security up to individuals.
Companies can support their employees by scanning for compromised credentials.
It’s one of the best ways to know if passwords in the network have been stolen or are being used for nefarious purposes. This means getting a tool that will compare your password to an ever-updated list of passwords taken from the dark web, and alert you when it’s been compromised so you can take immediate action to secure your accounts.
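To make the comparison step concrete, here is an added Python example (not from the original article or any specific product) that screens a candidate password against a breach list and also flags the "root password plus tiny changes" pattern described above. The sample list, the function names and the 5-character hash-prefix bucketing are assumptions made for illustration.

```python
import hashlib
import re

# Constructed sample standing in for a breach feed (not real leaked data).
BREACHED_SAMPLE = ["password", "LoveMyDog", "Summer2023!", "qwerty123"]

def sha1_hex(text):
    # SHA-1 is used here only as a lookup key, never to store passwords.
    return hashlib.sha1(text.encode("utf-8")).hexdigest().upper()

def build_index(passwords):
    """Bucket hashes by their first 5 hex characters (assumed layout),
    so a lookup only has to reveal a short prefix of the hash."""
    index = {}
    for pw in passwords:
        digest = sha1_hex(pw)
        index.setdefault(digest[:5], set()).add(digest[5:])
    return index

def root_of(password):
    """Drop trailing digits and symbols and fold case, exposing the
    'root' that stays the same when only the suffix is changed."""
    return re.sub(r"[\d\W_]+$", "", password).lower()

def is_breached(password, index):
    digest = sha1_hex(password)
    return digest[5:] in index.get(digest[:5], set())

def screen(password, index, breached_roots, min_length=8):
    """Return a list of findings; an empty list means no issue was found."""
    findings = []
    if len(password) < min_length:
        findings.append("too_short")
    if is_breached(password, index):
        findings.append("breached")
    else:
        root = root_of(password)
        if root and root in breached_roots:
            findings.append("variant_of_breached")
    return findings

INDEX = build_index(BREACHED_SAMPLE)
ROOTS = {root_of(pw) for pw in BREACHED_SAMPLE if root_of(pw)}

if __name__ == "__main__":
    for candidate in ["LoveMyDog", "Summer2024!", "correct horse battery staple"]:
        print(repr(candidate), screen(candidate, INDEX, ROOTS))
```

In a real deployment the index would be refreshed from a maintained breach feed, and a finding would trigger a forced reset rather than a printout.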
Don’t be afraid to bring this suggestion to your coworkers and leadership—digital security is a matter of shared responsibility. We owe it to ourselves to work to keep each other safe.