Keeping your data safe has never been more important. Malware, viruses, botnets and more are targeting any user they can find to try and steal, encrypt or gain access to information. Your password is your first line of defence.
With so much advice out there about passwords, we know it can be hard to work out what to do, and what the best practice guidance is on having a secure password. Secure password’s don’t have to be hard, but they are a necessity to keep your information secure. Also, with the introduction of the Mandatory Data Breach Notification Scheme, businesses and charities now are responsible for disclosing if there is unauthorised access to people’s personal information.
This post aims to provide you some guidance on how to keep your passwords secure in 2018.
Use a different password for everything
As crazy as it seems, using a different password for everything is a really good idea. Using a different password means that if your password is compromised on one website or service, an attacker doesn’t automatically gain access to all of your other accounts.
Use secure passwords
A secure password has a mix of upper and lowercase, numbers, and symbols. It doesn’t need to be complex, but if you are going to remember it should mean something to you. A good way to build a secure password is to string random words together. xkcd is an online comic about romance, sarcasm, math and language. This comic:
provides some great advice on how to pick a secure password.
Use a password manager to help you
Even better than generating human memorable passwords is to use random passwords for everything. Password managers such as LastPass, 1Password or Keychain are great for helping you remember unique logins for each service and then remember them. They also support two factor authentication to protect your data.
Implement two factor authentication
On that note, implementing two factor authentication for any service you can is a great idea. Particularly if that service contains confidential information about you. Most common online services such as Facebook, Twitter, Office365, Google Apps, Dropbox and Box.com support two factor authentication. Real World has worked with a number of products to implement this for office networks as well, including Okta and Dell Defender.
Don’t use “common” default passwords for new employees starting
It’s relatively common practice among small businesses to use a common default password such as “Password123!” for new employees until they first sign into your systems. Unfortunately these passwords provide a great avenue for attack on your systems. It’s much better to generate a password for a new employee to use. If you need to communicate to them, using a service such as SMS to send the password to them is a great idea (and better than writing it down on a sticky note).