The first Thursday of May each year is World Password Day, a celebration to promote better password habits. “Passwords are critical gatekeepers to our digital identities, allowing us to access online shopping, dating, banking, social media, private work and life communications.” (Per National Day Calendar)
Here are our best practices for creating a strong password, along with signs of a weak password.
Suggestions for Selecting a Strong Password:
- Use 8-12 characters
- Utilize a combination of letters (upper & lowercase), numbers, and symbols
- Separate your special characters between letters
- Make passwords unique; avoid using dictionary words
- Try a passphrase, an easy-to-remember acronym of a collection of words like a poem or catchphrase like [email protected] for Strong Passwords Protect You And Your Company
- Have different passwords for your company email, personal email, and other accounts because once a hacker has access to one account, the hacker will attempt to login to other accounts with the same username and password. If a hacker accesses your email, he/she can authenticate password changes to lock you out of your own accounts.
Characteristics of a Weak Password (what you shouldn’t do):
- Using generic words like password, easy123, your name, your username,
or company’s name or core product
- Using personal information that is easily accessible like date of birth,
phone numbers, address, or names of family members
- Using simple adjacent keyboard combinations like qwerty or 123456789
- Using the same password for all accounts
- Not changing your password periodically, especially after a known breach
- Storing your password in a visible location like under your keyboard,
on a sticky note, or on a bulletin board
Along with Using Your Strong Passwords:
- Log off accounts when sharing a computer
- Keep your passwords private, do not share (ESPECIALLY via email or text) with colleagues, friends, or family members
- Enable multi-factor authentication when possible (requiring a passcode being sent to your phone) whenever possible
Along with creating a strong password, a good IT support team will confirm new users before creating new accounts, remove inactive users, and follow password best practices for their own logins.