Tips for creating strong passwords

When it comes to passwords, putting in the effort now can make a huge difference in the long run. It’s time to forget about single-worded passwords, they are easy to crack and are no longer strong enough.

So, what constitutes a strong password these days – a passphrase (or another name for it is a sentence). Passphrases are longer, more complex and much easier to remember.

When thinking about your new passphrase, you should try and use a string of words that incorporates numbers and letters (both lower and uppercase); and the longer it is the stronger it will be.

• Is at least ten characters’ long
• Does not contain your user name, real name, or company name
• Is significantly different from previous passphrases
• Contains multiple words, capitals and numbers
• Examples:
  • MYMYitsloveleyweather17 (my my its lovely weather)
  • lookingforwardTO1holiday (looking forward to 1 holiday)

If you can find your password in the dictionary, it isn’t strong enough.

• Short passwords are bad. Long passphrases are good
• Don’t reuse an old passphrase, make it slightly different (lookingforwardTO1holiday, next passphrase could be nearlyON1holiday)
• Use two-factor authentication for added security
• Ensure that every account you have has a distinct passphrase
• Change your passphrases periodically
• Don’t keep a written list of your passphrases ANYWHERE

If your business is caught out from a bad password, you will experience:

• Downtime of at least 6 hours but most cases are over a day
• Loss of important data – depending on when you did your last backup
• High costs of your IT provider getting your business back up and running
• Loss of business for that downtime
• Loss of reputation, can your clients trust you can keep their information safe?

You have to remember; you are only as strong as your weakest link. Even with a large IT budget, there is nothing your provider can do for you if one of your staff has a weak password. Especially those that have access to the most confidential information.

We can help your organisation with implementing a password policy. Discuss this with us today.