Security Memo 4: Passwords
**This is part of a series of memos, straight from Dan's desk, helping you understand more about easy security steps for your work and personal use. Read the third memo in this series.**
The easiest way to protect yourself and your company from cyber threats is by having a strong password.
Traits of a Bad Password
Hackers have created databases of the most common words, phrases, and number combinations that they can use to find a password match. The following are some common password themes that you should avoid:
- Phone numbers
- Sports teams
- Company information
- Simple obfuscation of a common word (“P@$$w0rd”).
- A word and then a number (“CATFISH7”)
- Using the same “template” over and over when changing your password. Example: BigDog1, BigDog2, BigDog3, etc…
What Makes a Good Password?
To start, your password should be at least 8 characters long, with at least one capital letter, one number, and one special character (“@”, or “%”, etc.). As an added layer of security, change your passwords on a regular basis to ensure that you stay ahead of the hackers. And, whenever possible, you should use multi-factor authentication.
Most companies enforce these standards by making you change your password every 120 days and using multi-factor authentication.
Remember, the best passwords contain as much randomness as possible – using unlikely combinations and random characters is a great strategy. Be creative!
Bad: myFuzzyDog-eats4bones!Aday-BIG$ (why? Because it’s too long and confusing. You’ll never remember it! If it’s so complicated that you have to write it down, then it’s too complicated.)
It’s important to remember that you should not use the same password for multiple accounts – no matter how strong it is – because if one account gets compromised, then they’re all compromised.
If you even suspect your password might be compromised, change it and never use that password or a variation of it again!
By learning more about these easy security tips, you help to keep your network, and people, safe from cyber threats.
Chief Information Officer
Stay tuned for more memos from Dan's Desk in this helpful series on security.