written by
Becca Calloway

Let’s Talk About Password Security


We humans have some pretty bad habits around security, don’t we?

Take a minute and think about where you live: are you sure — absolutely sure — that every window to your home is locked?

And speaking of locks at home: sure, your average home door lock is enough to keep out a random stranger. But if someone really wants to break into your home, that lock probably isn’t going to stop them.

Broaden the scope a little and think of stores, ballparks, even airports: our typical conventional security methods are effective to a degree, but they aren’t foolproof. And in many cases, if someone’s motivated enough, they can find a way to circumvent those systems (at least for a while).

Unfortunately, our tendency toward bad security habits extends to the digital realm. In general, people are really, really bad about passwords — and that’s a big problem.

Why Password Security Is Worth Talking About

Passwords matter because stealing, guessing, or otherwise compromising passwords is still the #1 way that companies succumb to cyberattacks. The bad guys have several different ways they go about this, but all of them relate to stealing credentials.

And all of them are far, far easier to do when your passwords are weak.

3 Techniques for Creating Better Passwords

The good news is that creating better, more secure passwords isn’t actually that hard to do. Sure, it may be a little less convenient than using a relative’s birthday or your favorite pet’s name. But given the stakes, it’s worth the effort.

1. Consider length and character complexity

First, if you’re creating your passwords manually, pay attention to a few elements. The longer the password, the harder it is to guess or brute-force. The same goes if you mix in numbers, letters, and symbols.

A password you create manually still needs to be something you can recall, so a totally random string won’t do the trick. Instead, think of a series of words that makes sense to you but not to others. Then swap in some symbols and numbers where you can.

Of course, there’s still a weakness to this method. The longer and more complex, the better — but as your passwords get weirder and weirder, you start to have a harder time remembering them.

That’s why we don’t recommend this manual approach: either of the following options is much more effective.

2. Use a password manager to generate strong passwords

A better approach is relying on technology (the right way) to remember those long, complex passwords. Password managers are applications that store all your passwords in a single secure “vault”: You have to memorize one master password (and make sure this one is truly hard to guess!), but then the software securely supplies the rest.

The best password managers will also help you update passwords across your digital footprint, replacing your insecure passwords (password123) with long, complex, difficult passwords (something like c#jr2;kl3j4JcmF8)xM4 — you get the idea).

This way, all your individual accounts are more secure, but you don’t have to deal with the hassle of memorizing a hundred gibberish passwords.
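The effect of length and character mix from technique 1, and the kind of random generation a password manager performs in technique 2, shown as an added Python example (not code from this article or from any particular password manager). The symbol set, the function names and the guess rate used in the demo are assumptions chosen for illustration.

```python
import math
import secrets
import string

# Character classes to draw from; the symbol set is an assumption for this example.
CLASSES = {
    "lower": string.ascii_lowercase,
    "upper": string.ascii_uppercase,
    "digits": string.digits,
    "symbols": "!#$%&()*+-;<=>?@^_",
}
ALL_CLASSES = tuple(CLASSES)

def entropy_bits(length, alphabet_size):
    """Bits of entropy when each character is picked uniformly at random.
    This is an upper bound; it says nothing about human-chosen passwords."""
    return length * math.log2(alphabet_size)

def generate_password(length=20, classes=ALL_CLASSES):
    """Random password from a CSPRNG containing at least one character per class."""
    if length < len(classes):
        raise ValueError("length must allow one character from each class")
    alphabet = "".join(CLASSES[name] for name in classes)
    while True:
        candidate = "".join(secrets.choice(alphabet) for _ in range(length))
        # Retry instead of patching characters in, so every valid password stays equally likely.
        if all(any(ch in CLASSES[name] for ch in candidate) for name in classes):
            return candidate

def average_crack_years(bits, guesses_per_second):
    """Expected brute-force time: half the search space at the given guess rate."""
    return (2 ** bits / 2) / guesses_per_second / (365 * 24 * 3600)

if __name__ == "__main__":
    rate = 1e10  # assumed offline guess rate, for comparison only
    size = len("".join(CLASSES.values()))
    for length, alphabet in [(8, 26), (8, size), (12, size), (20, size)]:
        bits = entropy_bits(length, alphabet)
        print(f"{length:>2} chars, {alphabet:>2}-symbol alphabet: "
              f"{bits:6.1f} bits, ~{average_crack_years(bits, rate):.3g} years")
    print("generated:", generate_password())
```

Each added character multiplies the search space by the alphabet size, which is why length contributes more than swapping a few letters for symbols.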

3. Add more layers of authentication

Last, add two-factor authentication or multi-factor authentication wherever possible.

This additional layer of authentication drastically improves your security, because now the bad guys have to steal another element (like a fingerprint or a randomly generated code). It’s a little like upgrading from a cheap padlock to a high-tech safe.

Pro tip: if you’re using a password manager, you absolutely should protect the vault with 2FA or MFA in addition to that master password!

Password security can go a long way toward keeping your business safe, but you need other cybersecurity protections in place. Not sure how well your current setup is defending your business? Blue Ridge Technology, Inc. can help — contact us today.
