Happy World Password Day!

May 3, 2018 | Digital, Web Services

It’s time to celebrate by creating a strong password.

Trust us, this is the “lifehack” you need in order to make your life unhackable.

Even if you don’t typically celebrate the first Thursday of May, you should at least take this time to evaluate the way you safeguard your digital accounts, both on a personal and a professional level.

After all, security breaches happen to both large and small companies, with the latter receiving 43% of the cyber attacks aimed at businesses. The cost of a data breach could set your company back an average of $3.8 million. This cost is expected to skyrocket to $150 million in just the next two years.

While software and IT specialists can increase your cyber security, ultimately one of the best tactics you can deploy is to train yourself and your employees on how to avoid attacks. There are two main ways your business can stave off cybersecurity attacks: email and passwords.

We’ll save smart email practices for another blog, but since World Password Day is upon us, let’s review some tips on keeping your login credentials on lockdown.

Use a Password Manager

If you want a worry-free option, invest in a password manager. This does not mean use the settings on your browser to remember all of your login information. Instead, password managers such as LastPass or 1Password can generate strong passwords and securely store them. Many password managers have business solutions that could work for you and most are reasonably priced.

Strong Passwords

The strongest passwords take time to generate manually. Avoid personal information or lazy passwords such as “1111111.” Including lowercase and uppercase letters, numbers and symbols are recommended, but the general rule of thumb is that the longer the password, the better. Longer passwords are stronger passwords because there are more variables to parse out.

You can use one of the many free password generators online, but most people feel more comfortable with a memorable phrase than with a random string. If that is the case for you, keep these best practices in mind:

  • Use uncommon words or phrases – don’t use items from pop culture. Lately, “dragon” and “Star Wars” related passwords have been flagged as being some of the easiest to hack.
  • Keep it long – pretend you are trying to write the longest sentence possible. Il0v3macaroni&ch3eseforbre@kfast is a much better password than m@(&ch33$3 because it is longer and does not repeat elements back to back.
  • Encrypt it – we’re talking very basic stuff here. Change some letters to symbols and numbers or purposely misspell a word in your phrase. If you use numbers and symbols, be sure to spread them out throughout the password. Don’t just tack them on at the end.

Security Questions

Typically, online accounts will ask you to set up security questions in case you ever forget your password. Avoid choosing security questions whose answers can easily be found through Google or social media, i.e. your mother’s maiden name or your high school mascot. If there are no good options available, then lie. Make up an answer for the question that might not be honest, but is just as memorable as the truth. Kohl’s isn’t going to know that your father’s middle name isn’t Indiana Jones, but you’re probably going to remember giving that answer the next time it asks you.

Two-Factor Identification

Several apps and online portals now offer the ability of two-factor or two-step verification. Two-step verification involves sending a text message or email to a separate device with a code. Entering the code into the new device will allow you access. This might seem tedious and unnecessary, but if someone does try to login to your account without your permission, you will be alerted right away and even can block the user from gaining access in some cases.

Different Passwords for Each Account

It’s so tempting to use the same password for every account. It’s only one thing to remember rather than the dozens, sometimes hundreds, of online credentials that a person or business can accumulate. We get it, but so do hackers, which is why they will usually target websites with lower security and then use that password to try and break into other accounts linked to your email. Be on the safe side. Use a different password for every account.

Change, but Not that Often

The old wisdom was to change your password every three months. However, studies have shown that when people are forced to be creative with passwords that often, they tend to get lazy. Most will only change one letter or just add a number to the end. Even if they do change the password completely, there is no evidence to suggest that updating your password hinders hackers enough to deter them. Instead, save your energy and creativity and update your passwords yearly – say on World Password Day?