World Password Day takes place on the first Thursday of May and takes place on May 7th this year. It’s a perfect opportunity to brush up on your password etiquette. Identity and Access Management is only becoming more important, being that the world today revolves around technology and remote access.
You need a password to get into your phone, to have an email account, to have a social media profile. Essentially, you need a password to live on the grid. The world is becoming more digitized every second so you’ve probably come to depend on passwords more as time has gone on.
Having to keep track of so many can get frustrating. This can lead to laziness when it comes to creating new ones. This approach could ultimately lead to a serious data breach though. According to the 2019 Verizon Data Breach Investigations Report (DBIR) 80% of hacking-related breaches involve compromised or weak credentials.
Additionally 29% of all breaches, no specific form, involve stolen credentials. This is why having an awareness of what qualifies as a secure password is so important. The last thing you want is a cybercriminal gaining access to your bank account because you hadn’t updated your password in three years.
Best Password Practices
Multi-Factor Authentication
Multi-Factor Authentication has become one of the safest and most popular ways to to securely sign into an account. It requires two methods of verification to confirm your identity. These factors are something that you know, like a username and password, and something that you have like a mobile phone or laptop.
By implementing this kind of solution into your organization you can ensure the users identity is confirmed before they can access the network which carries sensitive data. It also monitors the health of devices and isolates those with risky applications or outdated firmware.
Use a Passphrase
We cannot emphasize the importance of a strong password enough. Rather than using a single word with some numbers and a symbol at the end, use a short phrase. Phrases are easier to remember and less likely to be cracked. They also satisfy complex password requirements easily.
Don’t Re-Use a Password or use the Same Password for Multiple Accounts
Using the same password for all of your accounts can be dangerous. It weakens the password you're using. In the event of a breach, once a cybercriminal has access to one account they’ll be able to easily access most others. By using different passwords you limit the possibility of a breach to multiple accounts at once.
Don’t use Personal Information
The first place a cybercriminal looks for password clues are on your social profiles. When creating your password don’t use any information that can be found online like the name of your high school or birth date. This also might put into perspective how much information you want to share on social media.
Don’t use Dictionary Words
Just like using the same password for multiple accounts, using dictionary words in your password can be dangerous as well. They are much less complex and therefore easier for a hacker to figure out.
Don’t use Something You’ll Forget
You might over complicate your password in an effort to make it stronger. You might use a ton of characters with a random mixture of letters, numbers, and symbols. Although this may seem like the right idea, if you’re going to forget it, you shouldn’t use it.
Use a Password Manager
Password Managers keep your passwords secure and organized. These kinds of platforms store each of your account credentials and the sites that go along with them in one safe location. You’ll only have to remember one master password to gain access to all your others.
Change Your Passwords Regularly
Changing your password on a regular basis or whenever you’re prompted to is one way to stay ahead of cybercriminals. Particularly if they already have access to your account without you knowing, which does happen.
Always log out When You’re Done
If you leave yourself logged in to an account, anyone who uses the device after you has access to it. This is an even greater issue if you’re someone who uses public devices or Wi-Fi outside of your office, such as a coffee shop. You could potentially put your financial and private information in a very vulnerable position. By logging out every time you use an account you ensure that your credentials and information won’t be exposed.
Don’t Write Your Passwords Down
You may think leaving your password on a post-it note on your computer screen is innocent enough. You think to yourself that you’re the only one who uses that device so no one else will get a good look at it or care enough to check.
This is a risky attitude though because there is always the possibility of someone sneaking a peak as they pass by. Anyone can read your password if it’s left out in the open and you can never predict what someone will do with your information.
If you’d like to learn more about Identity and Access Management solutions contact The TNS Group today for more information.
Categories: Managed Service Provider, MSP Blogs
