Password Security

The Top 5 Ways to Ensure Password Security

Password Security is a must-have in any environment, from personal to business systems. Unfortunately, many users and administrators do not enforce a strict password policy which then resorts in easily compromised accounts and systems. Often hackers use what is called a Bruteforcing attack, which is an automated tool that tries to guess a username and password combination over and over again using different words, numbers, and characters. And yes, they do randomize these “lists” with upper and lower case words for a better chance at success. 

Here are the Top 5 Password Mistakes we see:

1. No or Empty Passwords on machines
2. Weak Passwords such as “ilovecats99” and “daverules1” and yes even the age-old ‘123456’ and ‘qwerty’
3. Password Reuse – It’s hard to remember all of the passwords and the distinct complexities of them. So many people tend to use the same exact password across multiple accounts. Once one is compromised, the rest of the accounts are hacked as well.
4. Usernames as Passwords – username: bobsmith password: bobsmith — Bad idea. Even making the password smithbob is bad.
5. Passwords are written on sticky notes around the office and stuck to desks and monitors. 

 

You may have been reading the above top 5 list and perhaps realized that you may be guilty of making some of these same mistakes, and if not, you probably know someone who is. The good news is that we will show you the Top 5 Ways to Mitigate the risk right now.

 

The Top 5 Ways to Mitigate Password Compromises:

1. Enable 2FA (Two Factor Authentication) where and when applicable.
2. Password Policies – Reuse and Complexity. This can be done in an Active Directory Microsoft Business Server to happen Automatically.
3. Password Complexity – ‘ilovecats1999’ doesn’t cut the mustard anymore. Even something like ‘IL0v3c4751999’ (while better) isn’t safe enough. Passwords should contain multiple symbols, upper and lower case letters and numbers and should be as long as possible, while not being in sentence format. For instance: ‘&%SaMi5GrEaT99%$’ is not as secure as ‘&6$GrEa799*SaM.iS(#$’
4. STOP writing down your passwords and keeping them in plain sight.
5. Do not use the same password for your email as you do for your online bank account. Mix it up and have fun with it!

If you would like to generate a strong random password, try this online tool here: Link

Bonus Tip: Do not allow your devices to “remember me and my password” – if your machine is compromised in another way, it’s open season on any accounts that you save logins for in your browser or app.

Hopefully, this article has helped you understand the importance of secure passwords and how to better set up yours to avoid compromise. If you have any questions, please feel free to call us at 631-403-1104 or click here to Contact Us Online