Let’s Talk About Password Security
Let’s Talk About Password Security
Password security can be simple if you follow a couple simple guidelines.
A password should include a combination of letters, numbers, and characters. Passwords should have at least eight to 10 passwords, but 16 to 20 characters is better. Again, they should be a combination that includes a combination of letters(lower and uppercase), numbers and symbols. If they allow, spaces are good too.
A password shouldn't be shared with any other account. If you use the same password across different accounts, once it’s been cracked, ALL of your accounts become vulnerable. Just as you use different keys to protect different places, use different passwords to protect important accounts.
50% of people use the same password for all their logins (LastPass)- DO NOT be one of them
A password shouldn't include any of the user's personal information like their address or phone number. This includes anniversary dates, family’s birthday or pets name. This information can be listed on other platforms — Facebook, LinkedIn and other sources.
A password should be changed a regular basis. CorpInfoTech recommends changing your password every 90 days. There may even be situations where you should change your password immediately, especially if a cybercriminal has access to your account. Some companies may even have password policies that require you to change the password.
Password security issues accounting for 80% of all data breaches globally (Verizon)
Let’s not forget… you should use a password manager such as LastPass to remember your passwords for you and two-step verification, or multi-factor and two-factor authentication—which means your password in addition to one or more other means of authentication.
Password security should be part of Security Awareness Training. CorpInfoTech can help you train and test your humans on a regular basis.
CorpInfoTech (Corporate Information Technologies) provides small to mid-market organizations with expert I.T. services including compliance assessment, cybersecurity penetration tests, and comprehensive business continuity planning services. CorpInfoTech can help organizations, quantify, create, refine, and mitigate the risks presented by business threatening disasters in whatever form they may be disguised.