We all have to use them, and like underwear, we have to change them, too.
So, what makes a good password? And what makes a good change cycle?
Here are six things to keep in mind:
- Length matters. Strong passwords have a minimum of eight or nine characters.
- Like a cake, you have to mix it up. Strong passwords have a combination of numbers, symbols, and upper/lower case letters.
- Lose the ties. Make sure your password doesn’t include personal information that can be found online like the name of your favorite fur baby or your birthday.
- Phrases. Most people can remember phrases or lyrics which makes them great starting points for passwords. Trying to make a password out of the first letter of every word in a phrase. For example, you could turn “Hot sun making me sweat ‘Gators getting close, hasn’t got me yet” into “91Hsmms’Ggchgmy.”
- Don’t rinse, lather, and repeat your passwords. If a hacker obtains your password for one website, and you use that password for additional websites, the hacker now has access to all those websites as well. You should especially avoid reusing company passwords for personal accounts. All it takes is one company data breach for your personal accounts to also be in jeopardy.
- Change frequently. Work passwords typically need to be changed every 60 to 180 days, and personal passwords at least yearly. The time frame for changing personal passwords varies depending on if they were compromised or if you’re using additional safety precautions like two-factor authentication.
When it comes to storing your passwords, keeping them in an excel spreadsheet or note pad isn’t the most secure option. A better option is to use a password manager.
These are programs that store all of your usernames and passwords in safe, encrypted databases. With a password manager, the only password you’ll need to remember is the one to the manager itself — the manager will take care of the rest.
CNET currently ranks Bitwarden, LastPass, and 1Password as the best password managers.
Want to know how to take your login safety even further? Check out our article on multi-factor authentication to learn how the practice holds up against hackers.
SP6 is a niche technology firm advising organizations on how to best leverage the combination of big data analytics and automation across distinct (3) practice areas:
- Cybersecurity Operations and Cyber Risk Management (including automated security compliance and security maturity assessments)
- Fraud detection and prevention
- IT and DevOps Observability and Site Reliability
Each of these distinct domains is supported by SP6 team members with subject matter expertise in their respective disciplines. SP6 provides Professional Services as well as ongoing Co-Managed Services in each of these solution areas. We also assist organizations in their evaluation and acquisition of appropriate technology tools and solutions. SP6 operates across North America and Europe.