Time to Update on World Password Day
When was the last time you changed your password? If you are like most people, you probably haven’t done it for a while. Today is a good day to do it because it is World Password Day! Your computers carry a lot of sensitive and important data, so keeping work data safe is a major priority. Hackers, criminals, and thieves are selling, sharing, and accessing stolen information on the dark web. They use our information to phish and scam users within your work organization. At Protek, we encourage our clients and their employees to make sure they have strong passwords to improve online security and spread awareness of the importance of being safe.
So let’s get your password updated. If you aren’t sure what makes a good password, we can help.
Here are several tips for creating a strong password:
Choose a strong Password – Making a password long, strong, and complex is key. At Protek we encourage you to have a pass phrase opposed to a password. According to NIST password guidelines, phrases are the best way to prevent hackers from getting your information. The phrase should be random words you can remember but as a rule of thumb avoid dates, addresses and names of things a hacker could find out about you by trolling your social profiles.
Avoid Using Duplicate Logins – It can be tempting to use the same password on every account you have. However, it also means the bad guys can figure out your password and gain access to every account you have. Changing your passwords on all your accounts insures that if someone guesses one password, they can’t use it for anything else.
Add a Password Manager If Possible – If you have a hard time remember your passwords, consider using a security password manager like LastPass. We use this at Protek and love having all our passwords centralized in one place so we don’t have to save them on our computers.
Browse Two Factor Authentication – For accounts that support it, two-factor authentication requires both your password and an additional piece of information to log in. The second piece could be a code sent to your phone, or a random number generated by an app or token. This protects your account even if your password is compromised.
Create Security Question Answers You Only Know – Many security questions ask for answers to information available in public records or online, like your zip code, mother’s maiden name, and birth place. That is information a motivated attacker can obtain. Don’t use questions with a limited number of responses that attackers can easily guess – like the color of your first car.
Prevent Saved Passwords on Your Devices – If you switch computers or get rid of old computers without reformatting the hard drive, it is possible for anyone that has access to that computer to access your saved login credintials. Giving them access to your computer is like giving them access to all your accounts. Changing passwords will make sure that if someone has found an old password of yours, it will no longer be relevant or useful to them.
Limit Constant Access – When a hacker gets into your system, they don’t always take what they want and leave. Some hackers stay for awhile and either monitor your data or continue to steal information from you over time. If you change your password, you will reduce the risk of other people having access to your account and information.
Hackers can try tens of millions of possible passwords combinations per second. Sophisticated software can guess a five-character password in under three hours. You want to create something that can be safe from guesswork and hacking attempts. If you use lowercase letters, it’s 11.9 seconds. A good password should have at least 12 pass phrases and be words in a phrase that only you could guess. This is a fairly new suggestion from the typical password with uppercase and lowercase letters, numbers, and symbols that are hard to guess. It might take your online accounts to get up to speed on these new guidelines from NIST, but you can start now by updating your password on your personal and work email accounts today.
Eric is the owner and CEO of Protek Support and is a CISSP (Certified Information Systems Security Professional). He graduated from Utah State University with a Bachelors of Science degree in Business with an emphasis in Information Technology (IT). He is an IT Services expert in a variety of technology related fields. Some of these fields include document management software/hardware, enterprise level networking and VoIP phone systems, as well as large scale software implementation projects and the setup of small business networks.