UPDATE: New guidelines from NIST, released August 2017, changed the way we all should look at passwords. Read our blog post regarding updated password recommendations.
Password security is a fundamental element of cybersecurity. Defending your business from cyberattacks is one of the most important steps in ensuring your company’s ongoing success. In addition to protecting sensitive company information, you must also secure private client data. A recent article published in InfoWorld reported that the underground market for compromised servers may be much larger and more active than anticipated. The publication cites websites selling login information for over 170,000 hacked servers.
One way to safeguard your business is by adopting a clear password policy to increase security and provide a roadmap for avoiding common password mistakes. Here are six guidelines Anderson Technologies provides its clients to better guard against hackers and strengthen cybersecurity.
Six Guidelines for Increasing Password Security
- Include a mix of upper and lower case letters, numbers, and symbols
A good way to create an easy-to-remember yet secure password is to start with a favorite phrase or quote such as “Keep calm and carry on.” Take the first letter of each word in the phrase, alternate those letters with a numerical sequence such as 5-9, and add two random symbols to create a very complex password. A password resulting from our example above would be K5c6a7c8o9&%.
- Use a minimum of eight characters
The longer the password, the more secure it is. There are 12 characters in the example above. When using this formula, find phrases containing at least four words. This results in passwords of at least ten characters.
- Avoid using the same password for multiple websites or logins
It’s worth investing the extra effort to generate unique passwords for your important accounts. Doing so greatly reduces your exposure if a particular account is compromised.
- Change your passwords on a regular basis
This is another task commonly neglected. However, it is critical to keeping accounts secure.
- Do not allow web browsers (such as Chrome, Firefox, or Internet Explorer) to remember passwords
While many browsers offer this convenience for their users, it’s also an open door to the hacker who gains access to your computer.
- Implement a robust password management system
Having a good password management system will safeguard and organize your passwords. Many also help you generate strong passwords. For redundancy, ensure at least two people know the login credentials to the management system in case the principal user is unavailable.
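The phrase formula and the first three guidelines above can be expressed as a small Python check. This is an added example, not code from Anderson Technologies; the function names, the symbol set, and the sample accounts are assumptions made for illustration.

```python
import secrets
import string
from collections import defaultdict
SYMBOLS = "!@#$%^&*?"  # assumed symbol set; the article does not list one

def phrase_password(phrase, first_digit=5, symbols=None):
    """Phrase formula: first letter of each word alternated with a rising
    digit sequence, then two symbols (random unless supplied)."""
    words = phrase.split()
    if len(words) < 4:
        raise ValueError("use a phrase of at least four words")
    if first_digit + len(words) > 10:
        raise ValueError("digit sequence would run past 9")
    body = "".join(w[0] + str(first_digit + i) for i, w in enumerate(words))
    symbols = symbols or "".join(secrets.choice(SYMBOLS) for _ in range(2))
    return body + symbols

def policy_findings(password):
    """List the ways a password fails guidelines 1 and 2 (empty = passes)."""
    findings = []
    if len(password) < 8:
        findings.append("shorter than 8 characters")
    classes = {
        "upper case letter": str.isupper,
        "lower case letter": str.islower,
        "number": str.isdigit,
        "symbol": lambda ch: ch in string.punctuation,
    }
    for name, test in classes.items():
        if not any(test(ch) for ch in password):
            findings.append("no " + name)
    return findings

def reused_passwords(accounts):
    """Guideline 3: return groups of account names sharing one password."""
    by_password = defaultdict(list)
    for account, password in accounts.items():
        by_password[password].append(account)
    return sorted(sorted(n) for n in by_password.values() if len(n) > 1)

# Constructed sample data, not real credentials.
SAMPLE_ACCOUNTS = {
    "email": phrase_password("Keep calm and carry on", symbols="&%"),
    "payroll": "summer2017",
    "crm": "summer2017",
}

if __name__ == "__main__":
    print({a: policy_findings(p) for a, p in SAMPLE_ACCOUNTS.items()})
    print(reused_passwords(SAMPLE_ACCOUNTS))
```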
Password Management Systems Provide Security and Peace of Mind
While all of the guidelines in this article help avoid common mistakes, consistent implementation is an ever-increasing challenge as the number of passwords we manage grows. This is where password management systems provide the most benefit.
Anderson Technologies offers guidance to clients for advanced password management systems that provide built-in security and peace of mind. Here are several major cybersecurity benefits of a password management system:
- Passwords are secured through encryption and two-factor authentication
- Passwords are safely stored and organized — no more forgotten passwords (or passwords written on scraps of paper) and the time lost to reset them
- Employees can focus on their work instead of password security
- Master passwords are designated to principals or other individuals who can access them in case of emergency
If you would like help ensuring your systems are protected and your passwords secure, please give Anderson Technologies’ cybersecurity experts a call at 314.394.3001.