Get Started Today!  (415) 295-4898

croom new

415 IT Blog

How’s Your Password Hygiene?

How’s Your Password Hygiene?

I’m not sure we need to tell you how important passwords are: they are the front-line defense to most of the accounts you create. What is often overlooked is the strategy of how to use a password to successfully protect accounts and data. Today, we will discuss best practices   when creating and managing your passwords and how you are likely approaching your password strategy improperly. 

Creating Strong Passwords 

It’s true that passwords can be a pain to manage. Anyone who has been locked out of an account because they can’t remember their password knows this all too well. That’s why it is important to create passwords that are both easy to remember and that are secure enough to protect you. Cybercriminals have tools at their disposal that do a pretty good job of being able to crack passwords, so you need to keep that in mind when you are choosing yours. 

As you set out to create your passwords, you should keep the following two points of emphasis in mind. 

  1. A hacker may try to brute force attack any password that cannot be guessed or cracked, rapidly trying each combination possible.
  2. A password’s security and its resistance to brute force attacks are two different things.

Brute force attacks can really be devastating, but when you create your passwords, you have to keep in mind that any hacker with the will to brute force your computing network and left with the time to complete their hack, will likely find a way into your network. What you are doing when you are selecting a strong, memorable password is trying to make certain that the only way they are cracking your password is through brute force.

Typically we like to encourage that your passwords meet the following metrics:

  • Are longer, typically over 16 characters
  • Use a combination of numerals, letters (with upper and lower case characters), and symbols
  • Don’t use privileged or personal information, or any information that can be tied to you through online searches
  • No common words or numbers
  • No consecutive letters or numbers

So How Do You Optimize Your Password’s Effectiveness?

With those practices, you will be pretty far along, but you also have to understand that the hackers’ tools are extremely powerful. That’s why on top of those suggestions, you will also want to add some complexity to your passwords. Studies have shown that about 41 percent of all passwords are composed exclusively of lowercase letters. If we have access to this information, it stands to reason that someone who makes a living breaking into networks and stealing data knows it as well. Therefore, along with adding symbols, varying cases, and numerals, one strategy is to use a passphrase of random words. 

The reason for this is that, with a password that looks like this “7i&3RkIn&4L1f3” the chances that you remember it if you use the account sparingly is pretty low. Besides, it is not that secure, as it is effectively a complex sentence. Remember, the hacker has to get your password completely correct to effectively gain access, so instead of trying to come up with intricate ways of typing statements that can be easily guessed, try taking three words that don’t have any natural connection, incorporating numbers and some varying capitalization, and padding either side with symbols.

A process like this makes the password more usable. It very likely won’t be guessed, is long enough to protect your account, is effective against the brute force attack, and will be easier for you to remember. 

Speaking of which, since you shouldn’t use the same password for multiple accounts, you will end up with dozens of passwords. Keeping them straight, especially over the long haul (as you will likely have to reset passwords from time to time), is difficult. That’s why we recommend using a password manager. Many people take advantage of the password saving feature inside their browser. This is effective, but we recommend using a third-party manager that features encryption. This tool will be the most secure and reliable; and, you won’t have to worry about remembering every password. 

At 415 IT, we consider cybersecurity one of the most important parts of a business’ IT strategy. Give us a call a (415) 295-4898 to see how we can help you keep your IT assets safe. 

Tip of the Week: How to Take a Screenshot in Windo...
Dangerous Android App Masquerading as System Updat...
 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Friday, May 07 2021

Captcha Image

By accepting you will be accessing a service provided by a third-party external to https://web.415it.com/

Mobile? Grab this Article

QR Code

Tag Cloud

Security Tip of the Week Technology Productivity Best Practices Business Computing IT Support Data Data Backup Network Security Privacy Cloud Internet Hosted Solutions IT Services Data Recovery Business Software Efficiency Email Managed IT Services User Tips Google Mobile Device Innovation Small Business Malware Hackers Phishing Collaboration Hardware Outsourced IT Cybersecurity Communication Business Management Computer Smartphone Upgrade Cloud Computing Workplace Tips Android Quick Tips Backup Tech Term VoIp Managed Service Microsoft Mobile Devices Business Continuity Disaster Recovery Windows 10 Smartphones Covid-19 Ransomware Communications Paperless Office Users Saving Money Remote Work Managed Service Provider Passwords Browser Network Encryption Artificial Intelligence Office 365 Business Technology BDR Server Internet of Things Wi-Fi Remote Monitoring Data Management Managed IT Windows Social Media Compliance Help Desk Microsoft Office Save Money Windows 7 Healthcare Vulnerability Holiday Government Document Management Automation Data Security Applications Managed Services Blockchain Employer-Employee Relationship Facebook Virtualization Scam Chrome Managed IT services Miscellaneous Health Laptops Remote Vendor Management BYOD Gadgets Wireless Avoiding Downtime Machine Learning Information Antivirus Infrastructure Project Management Meetings Two-factor Authentication Redundancy Office Processor Mobile Office Analytics Tip of the week Bandwidth Virtual Private Network Router Storage Apps HIPAA IT Management Information Technology Customer Relationship Management OneDrive Training RMM WiFi Website Software as a Service Proactive Net Neutrality Data Loss Company Culture Remote Worker Time Management Maintenance VPN Regulations IoT Networking Hard Drive Mobility Employee-Employer Relationship Files Access Control Payment Cards Unified Communications Customer Service Voice over Internet Protocol Managed Services Provider Bring Your Own Device Display Utility Computing Remote Workers Assessment The Internet of Things Word Remote Computing Gmail Risk Management Conferencing Free Resource Professional Services Cooperation Network Management Patch Management Data Breach Mobile Money Consultation Data Storage Recycling Vendor Images 101 Monitoring Social Network Alert Tablet Big Data Remote Monitoring and Management Internet Exlporer Dark Web Augmented Reality Financial Password Smart Devices Smart Technology Operating System Computing Unified Threat Management Employees Management Electronic Health Records File Sharing Instant Messaging Holidays Search Consulting Downtime Spam File Management Co-Managed IT Mobile Security Server Management Flexibility Solid State Drives Legislation Geography IT YouTube Lenovo Projects Cache Distributed Denial of Service Mobile Device Management Peripheral Social Networking Value of Managed Services Favorites Optimization CES Samsung PowerPoint Specifications Laptop IT Consulting Read Only Operations Security Cameras Banking SharePoint Cybercrime Screen Reader Cyber security Digital Payment Asset Tracking Hotspot Backup and Disaster Recovery Websites Video Conferencing Teamwork Identity Mail Merge User Error Options Modem Telephone High-Speed Internet MSP Finance Business Telephone Videos Superfish Return on Investment Managed IT Service Point of Sale Tech Terms PCI DSS G Suite Virtual Machines Tech Support Black Friday Remote Working Printing Reviews Downloads Database Management Smart Tech Mouse Language Human Error SaaS Biometric Shared resources Going Green Address 5G Mobile VoIP Development Authentication IT Assessment Media Settings Personal Information Break Fix E-Commerce Theft Manufacturing Motherboard Chromebook Permissions Credit Cards Virtual Assistant IT Technicians Bitcoin Cost Management Cyber Monday Staff Electronic Medical Records Touchscreen Hacking Budget Batteries Microsoft Excel End of Support GDPR Connectivity OneNote Computing Infrastructure Permission Gamification Techology CRM Wireless Internet Cookies Cables Authorization Heating/Cooling Digitize Ergonomics Transportation Migration Active Directory eWaste Features Technology Laws Google Calendar Vulnerabilities Fraud Politics Computers Customer Relationships Wasting Time Current Events Trending CIO applications Managing Stress Private Cloud Windows Server 2008 Gifts Emergency Multi-Factor Security How To Alerts Test Statistics Outlook Disaster Resistance Content Filtering Printer Employer/Employee Relationships Nanotechnology Apple Travel Wires WPA3 Servers Shadow IT Vendors Chatbots Windows Server Virtual Reality Procurement Unified Threat Management Hard Disk Drives Mobile Computing Sensors Innovations Database Mirgation Firewall Enterprise Content Management Bookmarks ROI Recovery Hacker Notes Wearable Technology Star Wars Comparison Licensing Bluetooth Outsource IT Shortcut Proactive IT Social Proactive Maintenance App Solid State Drive Technology Tips Fleet Tracking Zero-Day Threat Outsourcing Identity Theft User Management Enterprise Resource Planning Data Warehousing Cyberattacks Marketing Daniel Stevens Printers Twitter Education Regulation CEO Students

Latest Blog

Windows has no shortage of capabilities to offer its users, with many of these tools coming with an associated Windows shortcut. Since keeping track of all of them can be a challenge, we wanted to assemble a list of most of them for you. This blog will serve as that list, so...

Latest News

We are proud to announce that 415 IT and our CEO, Daniel Stevens, were recently featured by CIO Applications. We discussed how and why we serve our clients, as well as some sneak peeks for our future. Read our interview by visiting:  https:...