Setting Safe Passwords

The cybersecurity threats facing businesses today are more persistent and costly than ever.  But one of the best defenses remains simple: having good passwords in place.

Here’s a reminder of some common practices you should be avoiding.

Practices to Avoid

–Don’t use your family name (or your spouse or kids’ first names)

–Don’t use important years (family birthdays, graduation dates or the current year)

–Don’t use your company’s name

–Don’t use the current year

–Don’t use sequential numbers (for example: 12345….)

–Don’t use celebrity names, popular movie titles, sports teams or other elements from pop culture

–Also make sure you’re not following the common pattern of using different elements in predictable ways.  If you’re required to use uppercase, lowercase and special characters, you probably are in the habit of making the first letter of the word uppercase, followed by numbers and then followed by a special character (Peppy9879!).  Mix it up. 

–Don’t engage in ‘password walking.’  This is when you just change a single element of a pre-existing password.  People often do this when their employer forces them to update their passwords frequently.  So Peppy9879! gets changed to Peppie9879!

–Don’t use the same (or similar) passwords for multiple sites or products.   If one product or site is breached, hackers will be able to easily determine your passwords for other sites and products.  A password manager is a good solution for this problem.

At the end of the day, you should also be using two factor authentication to enhance the security of all your password-protected sites and services.

Use multi-factor authentication.

If a cybercriminal does get your password, whether it’s because your passwords are easy to guess or some other method, multi-factor authentication (sometimes called two-factor or dual-factor authentication) can prevent them from getting into your account. It requires a second form of authentication, like a one-time passcode. Implement this (or two-step verification) on any account possible. It can be annoying, but it can save you from a lot of headaches.

Even if you don’t fall into these habits, using a password manager and multi-factor authentication have become the new standard for password best practices, and you’d benefit from using them.