Your business’ security largely depends on how secure the passwords are that keep your resources from being accessed without authorization. Despite this, many users—perhaps even you—frequently sacrifice sufficient security measures in favor of the simple and convenient route, cutting corners when coming up with their passwords. Let’s try and remedy this by reviewing a few practices that can help make a password more effective.
A password can be undermined in one of two different ways, generally speaking:
Digging into your online life or resorting to trickery, a “bad actor” (as they are sometimes called) figures out your password or how they can fool you into handing it over. Alternatively, the bad actor might phish you or infect your computer to crack the password.
As a result, you need to figure out how to make your passwords effectively guess-proof, while still being able to recall them as you need them. These principles should ultimately pertain to any passwords associated with your business—including the ones your staff members rely on.
Whether you’re designing a password policy for your company members to follow, or simply creating a new account of your own, there are two important considerations to keep in mind.
It is important that both of these aspects are taken into serious account as you come up with your passwords.
There are a few widely accepted best practices when it comes to what makes a good password:
It is also important that your considerations involve the aforementioned tools that cybercriminals use to break password protections. This is where we must account for the complexity of your passwords.
Did you know that about 40 percent of passwords only contain lowercase letters? Well, cybercriminals certainly know, and will certainly try to save time by only trying lowercase letters in their initial brute force attacks. Even one extra variable can significantly increase the password’s security, making it harder and more time-consuming for the hacker, and possibly convincing them that the effort isn’t worth it.
However, you also need a password that is memorable enough for you to be able to use it. The most secure password in the world is no good to you if you can’t commit it to memory, to the letter (or number or symbol).
This has recently led to the idea that a password composed of a few random words, randomized further with alphanumeric substitution and capitalization, padded with repeating symbols on either side, is the most secure option.
Think about it—like we said, each variable makes the hacker’s job that much more challenging and can help slow down any automated attempts long enough for the hacker to abandon them.
With all this in mind, it makes sense to create passwords that ultimately look something like this:
Not only is this password effectively impossible to guess, but it also has plenty of characters and—while designed to be somewhat simple to memorize, is still plenty resistant to brute force methods. Just make sure you come up with your own, instead of copying this one.
Admittedly, a password like this is a lot to remember on its own, so the thought of remembering a different one for each account (in keeping with best practices) can be daunting for most. Fortunately, a password manager can simplify this considerably.
A password manager is basically just a piece of software that safely and securely stores your passwords away for you, accessible to you behind a single master password. That way, your passwords could be totally secure and unique without forcing you to remember them all.
From your passwords and access management to every other aspect of your business’ IT security and productivity, Bmore Technology is here to help. Learn more about what we can offer by calling 866.554.8488 today.
We recently made the decision to switch IT companies and Bmore Technology offered everything we required. As with any large change, there was some apprehension involved. (more…)More Testimonials
Bmore Technology expands footprint in South Carolina BALTIMORE, MD – December 5, 2018 – Bmore Technology has announced the acquisition of Carolina Phone & Data Services (CPDS). (more…)