Do’s and Don’ts of Password Security

We can’t say enough about the importance of passwords for your security

Strong passwords are the frontline against cyberattacks.

Passwords are the primary gatekeeper to secure your data, so it’s imperative to ensure it they’re as strong as possible. We have compiled a list of DOs and DO NOTs to help you create secure passwords.

DO create a complicated password. While passwords such as “123456” and “password” are easy to remember, they are also easy to hack. It is best to create a password that has at least 8 characters and uses a combination of upper and lowercase letters, numbers, and special characters. This makes it harder for hackers to gain access to your accounts. One way to accomplish this is to take a sentence and convert it into an acronym, using numbers to replace words such as “to” or letters (3 or $ for “s”, 1 for “I”, @ for “a”, etc.). For example, take the sentence “my favorite activity to do is swim” and convert it to “mF8a2di$!”

DO NOT keep written passwords within reach. There’s no point in creating a secure password if you are going to have the password in plain view. That’s akin to locking the deadbolt on the house, but having all the windows open! If you would like a written reminder of your passwords, keep it in a secure place (a locked cabinet or car glovebox are good examples). You may also consider a Password Manager Service.

DO change your password regularly. Even the most complicated password can be compromised given enough time. It is recommended that passwords be changed every 90 days (or sooner depending upon the importance of data that they safeguard). When you change your password, do not reuse an old password. Instead, create a new one for better protection.

DO NOT use the same password for multiple accounts. While this may be easier for you to remember, it also makes it easier for cybercriminals to gain access to all of your information!

DO use two-factor authentication. Two-factor authentication (also known as 2FA) is a method of confirming a user’s claimed identity by utilizing a combination of two different components, generally something you know with something you have. A good example in everyday life is the withdrawal of money from a cash machine. Only the correct combination of a PIN (something you know) with a bank card (something you have) allows the transaction to be carried out.

This provides another layer of protection and significantly reduces the risk of a hack. That being said, it’s imperative that you update your personal information when something, such as your phone number or email address, changes.

For more information on password protection and security, connect with Bryley’s cybersecurity experts by calling us at 844.449.8770 or emailing us at