Password management is one of the most important security processes to put in place in your business. A breach of your network can have catastrophic effects on your business, which is why you should encourage password management for your entire team.
People tend not to use strong passwords and often reuse the same password across multiple accounts, which is unsafe.
We strongly advise you to put a password policy in place for your organisation to help minimise risk.
Here are our top 5 tips to help you get started.
1. Use a password manager
There are lots of fantastic password managers on the market, like LastPass and 1Password. They help you create strong and unique passwords and save them securely for you.
You will no longer have to remember hundreds of passwords, a burden that often leads people to use the same simple password on multiple accounts. You only need to remember one master password. These password managers also allow sharing of passwords – which is handy if a number of people need access to the same company social media account or similar.
2. Don’t make them easy
The longer the password, the better. Yes, you want it to be complicated, but length is actually more important. If your password is 12-16 characters long, it is much harder for hackers to guess it. The best way to create your master password is to string together words and characters that only make sense to you. For example: Apple£HOUSE&blue$bar
3. Avoid common passwords and pop culture references
SplashData published a list of passwords leaked by hackers in 2017.
They include: 123456, Password, qwerty, letmein, football, login, passw0rd
If any of your passwords look like this – they need changing ASAP. They will be the first ones hackers try when guessing yours.
4. Check if your password has been Pwned
You can check if your password has been stolen from hacked companies. Passwords that have previously been exposed during data breaches are unsuitable for use as they’re at a much greater risk of being used to take over other accounts. You can safely check your passwords on haveibeenpwned.com.
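An added example, not part of the original article: a sketch of the hash-prefix (k-anonymity) lookup used by Have I Been Pwned's Pwned Passwords service, where only the first five characters of the password's SHA-1 hash leave your machine and the rest is compared locally. The responder `constructed_range_response`, its breach data and its counts are constructed so the example runs offline; in real use `fetch_range` would query the service instead.

```python
import hashlib

def sha1_split(password):
    """Uppercase SHA-1 hex digest split into a 5-char prefix and 35-char suffix."""
    digest = hashlib.sha1(password.encode("utf-8")).hexdigest().upper()
    return digest[:5], digest[5:]

def parse_range(body):
    """Parse 'SUFFIX:COUNT' lines, skipping anything malformed."""
    counts = {}
    for line in body.splitlines():
        suffix, sep, count = line.strip().partition(":")
        if sep and len(suffix) == 35 and count.isdigit():
            counts[suffix.upper()] = int(count)
    return counts

def breach_count(password, fetch_range):
    """Times the password appears in the breach data; 0 if not found.

    Only the 5-character prefix is passed to fetch_range. The suffix is
    compared locally, so the lookup service never sees the password or
    its full hash.
    """
    prefix, suffix = sha1_split(password)
    return parse_range(fetch_range(prefix)).get(suffix, 0)

# --- Constructed stand-in for the remote lookup (sample data, not real counts) ---
CONSTRUCTED_BREACH_DATA = {"123456": 900, "qwerty": 400, "letmein": 50}
PREFIXES_SEEN = []  # records everything the stand-in "server" was sent

def constructed_range_response(prefix):
    PREFIXES_SEEN.append(prefix)
    lines = ["0" * 35 + ":3", "not a valid line"]  # decoy and junk entries
    for pw, count in CONSTRUCTED_BREACH_DATA.items():
        p, s = sha1_split(pw)
        if p == prefix:
            lines.append(f"{s}:{count}")
    return "\r\n".join(lines)

def audit(passwords, fetch_range=constructed_range_response):
    """Map each password to its breach count (0 means not found)."""
    return {pw: breach_count(pw, fetch_range) for pw in passwords}

if __name__ == "__main__":
    sample = ["123456", "letmein", "constructed-unbreached-phrase-42"]
    for pw, n in audit(sample).items():
        print(f"{pw!r}: {'found %d times, change it' % n if n else 'not found'}")
```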
5. Don’t use the same password for multiple things
Hackers aren’t sitting around trying to guess your password. They usually target vulnerable websites and can get your password from there. It is not just small companies: how often have we heard in the news about large websites being hacked? Banks, dating sites, etc.
They then try that password against every account your email is linked to. If that password is reused elsewhere – they will have access to all these accounts too. Scary stuff.
Still worried about your IT security? Please get in touch with us for some security advice.