Passwords are as tricky to create and manage as they are vital to your daily life – both in and out of the office. Passwords grant you access to your email accounts, your office systems, and programs, your banking information, your social media… your life pretty much runs on passwords.
Different sites, apps, and programs have different requirements for what your password needs to have – minimum character length, capitalization, numbers, and symbols being the most common. The idea here being the more complex a password is, the harder it is for a hacker to crack it.
The thing with passwords? We tend to use the same ones for multiple accounts (even though we know we shouldn’t), and your unique password isn’t always as unique as you think.
Check out this video to learn more:
How Should You Keep Your Passwords Safe?
Despite the fact that passwords are the most direct way to access a user’s private information, most passwords in use today are simply not strong or complex enough. Passwords protect email accounts, banking information, private documents, administrator rights and more – and yet, user after user and business after business continues to make critical errors when it comes to choosing and protecting their passwords.
Keep these tips in mind when setting your passwords:
Password Strength It’s common that passwords are required to include uppercase letters, lowercase letters, numbers, and special characters. However, recent guidance from NIST advises that password length is much more beneficial than complexity.
Consider using a passphrase—which is when you combine multiple words into one long string of characters—instead of a password. The extra length of a passphrase makes it harder to crack, such as “WeAreProtectedVoices@2018” or “Ohsaycanyousee” with special characters replacing a few of the letters.
For a more secure passphrase, we encourage you to combine multiple unrelated words to create the phrase, for example, “goldielittlelamb3pigs.”
Password Managers These programs store all of your passwords in one place, which is sometimes called a vault. Some programs can even make strong passwords for you and keep track of them all in one location, so then the only password or passphrase you have to remember is the one for your vault. The downside of using a password keeper program is if an attacker cracks your vault password, then he or she knows all of your passwords for all of your accounts. But many IT professionals agree, the benefit of a password keeper program far outweighs this risk. A little research on the Internet should help you find the reputable password keeper programs.
Multi-Factor Authentication Multi-Factor Authentication is a great way to add an extra layer of protection to existing system and account logins. By requiring a second piece of information like a randomly-generated numerical code sent by text message, you’re better able to ensure that the person using your employee’s login credentials is actually who they say they are. Biometrics like fingerprints, voice, or even iris scans are also options, as are physical objects like keycards.
Brian Gray, MCP, is the President at Kraft Technology Group, LLC (KTG), an affiliate of KraftCPAs PLLC. Within his role, Brian is responsible for all aspects of service delivery to our clients. Brian has a decade of experience working for managed service providers. He has worked with clients in a variety of industries, including financial services, accounting, legal, healthcare, manufacturing, and retail.