“Do as I say, not as I do.” Are you guilty of telling your employees, coworkers, and even family members to practice proper digital security, but not always following the same advice yourself? We are all tired of having to come up with multiple unique password combinations, complete with numbers, capital letters, and special characters. But the importance of having a strong password and not using the same password for everything cannot be overemphasized!
- Change passwords regularly: The long-standing recommendation is to update your passwords at least every 3-6 months. Nowadays, however, many experts disagree and feel that unless you become aware of a password breach, there is no need to change your passwords regularly if you are using a strong, unique password along with two-factor authentication (see below). But switching up your passwords will ensure that you’re taking every step necessary to keep your accounts and data safe.
- Never share your passwords: Sharing your passwords with friends or family compromises the Cyber Safety of your personal accounts.
- Do not reuse passwords: Recycling old passwords or using the same passwords for multiple accounts leaves your accounts vulnerable to credential stuffing cyber-attacks.
- Avoid public Wi-Fi: Using public Wi-Fi without a VPN allows hackers to track your online presence and potentially expose your device’s data, including saved credentials.
- Do not use personal information: Using names, birthdays, addresses, or phone numbers in your password could jeopardize its effectiveness against cyberattacks.
- Check your password strength: Password strength checkers, like LastPass, allow you to validate the effectiveness of your password.
- Do not use easy/weak passwords: The longer and more complex your passwords are, the less likely it is that a hacker will be able to figure them out.
STRONG PASSWORD TIPS + EXAMPLES
- Complex passwords are tough to crack so use a minimum of ten characters. To create complex but memorable passwords, use different types of characters, a mixture of lower and uppercase letters, symbols, and numbers.
- Do not use directly identifiable information. The ones trying to hack into your accounts may already know personal details such as your phone number, birthday, address, etc. They will use that information as an aid to guess your password more easily.
- Use a unique password for every account and every person. Your unique list of passwords should be kept safe. If you want to reuse the same password phrase across numerous or shared accounts, customize it so that each is a bit different per account/person. Here is an example we found utilizing the same phrase “Humpty Dumpty sat on a wall” for Amazon, Netflix, and Google accounts:
- Avoid common dictionary words. This is the toughest one to avoid. The temptation is always there to use ordinary, everyday dictionary words. A strong hacker will have a dictionary-based system to crack passwords, so, if you must use a single word, misspell it or insert numbers for letters. Use a word or phrase and mix it with nicknames, acronyms, abbreviations, upper and lower-case letters.
- You may also find remembering a sentence (something easy for you, but complex for others to know) might work well, such as: “My favorite toy as a child was my pink 10-speed bike that I got for $25 at Bennys” =‘Mftaacwmp10sbtigf$25aB’ – Take the first letters of each word, and you create a powerful password with 21 digits.
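The tips above can be turned into an automated check. The following is an added example, not part of the original article: the function name `check_password`, the small word list, and the personal details used with it are constructed for illustration, and a real deployment would load a full dictionary or breached-password list.

```python
import re

# Constructed sample word list; a real check would use a large dictionary.
COMMON_WORDS = {"password", "welcome", "dragon", "monkey", "summer", "humpty"}
MIN_LENGTH = 10  # the minimum length recommended in the tips above

# Character types the tips ask you to mix.
CLASSES = {
    "lowercase letter": r"[a-z]",
    "uppercase letter": r"[A-Z]",
    "number": r"[0-9]",
    "symbol": r"[^A-Za-z0-9]",
}


def check_password(password, personal_info=()):
    """Return the list of tips the password fails (empty list = passes)."""
    problems = []
    if len(password) < MIN_LENGTH:
        problems.append("shorter than 10 characters")

    for name, pattern in CLASSES.items():
        if not re.search(pattern, password):
            problems.append(f"no {name}")

    lowered = password.lower()
    password_digits = re.sub(r"\D", "", password)
    for item in personal_info:
        text = item.lower()
        item_digits = re.sub(r"\D", "", item)
        # Names and addresses are compared as text; birthdays and phone
        # numbers are compared as digit runs, so "04/12/1985" is still
        # caught when typed as "04121985".
        if (len(text) >= 3 and text in lowered) or (
            len(item_digits) >= 4 and item_digits in password_digits
        ):
            problems.append("contains personal information")
            break

    if any(word in lowered for word in COMMON_WORDS):
        problems.append("contains a common dictionary word")
    return problems


if __name__ == "__main__":
    me = ["Jordan", "04/12/1985"]  # constructed personal details
    for candidate in ["Mftaacwmp10sbtigf$25aB", "Jordan1985", "Summer2024!"]:
        print(candidate, "->", check_password(candidate, me) or "passes")
```
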
THE BOTTOM LINE TO STAYING SECURE AND PROTECTED
In addition to having a secure password, the best way to be sure your accounts stay safe, even if you were to fall victim to a phishing attempt, is to also use Two-Factor Authentication (also known as 2FA). 2FA is a two-step verification process in addition to using a password. It requires something that only that user has access to, like a document or piece of information only they should know or immediately have on hand, like a token of some type. Using this technique makes it extremely difficult for cybercriminals to gain access and steal the identity or personal information of that person. You can learn more about it here.
Following the rules we have listed, selecting strong, unique passwords, and using 2FA to establish and maintain safe accounts, secure email, and personal information are imperative to keeping access to your accounts out of the hands of cybercriminals. Braver is also here to help you stay educated and vigilant in navigating this cyber jungle, so reach out if you have any questions.