Keeping a secure password is a little confusing these days, especially when the standards for what is an acceptable, complex password seem to keep shifting back and forth. Let’s take a look at some of the industry-standard best practices for passwords and how you can implement them for your business.
Password Best Practices
Here is a shortlist of what you should do to be in compliance with industry standards for password best practices:
- Don’t use the same password twice: This one should be a given, but you should never use the same password for multiple accounts. If one password is compromised, and you have used the same password for multiple sites, then that means all of those accounts are also compromised. It might be a pain, but it’s a best practice from a security standpoint to use different, complex passwords for each of your accounts.
- Make passwords easy to remember but hard to guess: This might seem like a catch-22, but it’s easier to do in practice than you might think. One way you can make a password easy to remember but hard to guess is to use a “passphrase,” or a string of words or characters that spell out something that makes sense to you, but not to anyone else. For example, rather than using your dog’s name––let’s say he is named Fred here––you can use something like “mydogsnameisfredandheisgreat,” which is obviously much more difficult for a hacker to guess.
- Prioritize length rather than complexity: While complexity is still extremely important for passwords, length is the biggest deciding factor when determining how easy it is for a password to be guessed. Simply put, the more characters are involved, the harder it is for a hacker to find the right combination. You should, of course, still use letters, numbers, and symbols when you can, though.
Augment Your Best Practices with Security Solutions
Of course, the best password practice out there is to rely not only on a complex password, but to augment it with powerful password management tools and multi-factor authentication. Password managers give you the ability to take advantage of multiple complex passwords without the need to remember each and every one of them. With an encrypted vault for storage, a password manager can keep your credentials secure, only calling them when they are needed to access an account.
Furthermore, multi-factor authentication can play a major role in keeping your accounts even more secure. We recommend that your multi-factor authentication strategy rely on having at least two of the three factors used for authentication: something you have (an external device, like a smartphone), something you know (in this case, a password or PIN), and something you are (a biometric like an iris or fingerprint scanner). With all of these in mind, you will know your accounts are as secure as possible.
To learn more about how you can keep your business safe, reach out to us at (646) 741-1166.