Cybersecurity Best Practices — Protect Your Passwords
By Perryn Olson
KEEP YOUR PASSWORDS COMPLETELY UNIQUE FOR EACH LOGIN, INCLUDING YOUR PERSONAL ACCOUNTS.
Using the same password, or a similar password, across multiple systems is the most widespread cybersecurity mistake. It leaves you vulnerable to “credential stuffing attacks” where cybercriminals purchase your login information from the Dark Web and stuffs the same credentials on login pages of multiple digital services across the web from banking, social media, email, shopping, and other websites that store personal information about you.
Don’t share your password with anyone, especially over unsecured email or chat programs. In that same regard, don’t write down your password anywhere that is visible or accessible to anyone (e.g. On a sticky note on your bulletin board, under your keyboard, or taped to your monitor).
A major recommendation is to invest in a reputable password manager and to use Multi-Factor Authentication (MFA) whenever possible. By storing all of your credentials in an encrypted password manager, it allows you to have extremely secure, and difficult to remember, passwords for all of your logins. All you have to remember is the one password to log into your management software.
MFA, also known as Two-Factor Authentication (2FA), adds an additional layer of protection by requiring proof of legitimacy other than the password. This verification is usually done through a notification to a trusted phone or another device via call, text, or app.
GUIDELINES TO CREATING SECURE PASSWORDS
All passwords must be at least 8 characters in length. Passwords with 12 characters or more are strongly encouraged.
Passwords must use at least one of each of the following character types: lowercase letters, uppercase letters, numbers, and symbols.
Passwords should not contain any parts of your name or your company’s name (or products).
Suggest not using words that may be found on your public record or social media like the street you grew up on, child’s name, pet’s name, favorite team, or school mascot.