How to Create and Maintain Secure Passwords
Passwords are your first line of defense. The stronger the password, the harder it will be to break. Last year the ID Theft Resource Center reported that there were 1,093 data breaches in the US, which is 40% higher than in 2015. Yet the security industry continues to struggle with password protection and with changing the user behavior that puts people at risk.
Lab42 and LastPass surveyed 2,000 adults from the US, Germany, France, New Zealand, Australia, and the UK. The research found that 91% of those surveyed knew it was risky to reuse passwords, but 61% did it anyway. The research was designed to evaluate users' password habits, and the biggest takeaway was that while people know what safe passwords are, they tend to ignore this knowledge in favor of something that's easy to remember.
So how can you get your team to make safe passwords? What steps are needed to create and maintain them? Here are our top 3 tips for password security.
Pick A Password You Can Remember But Is Safe
We know that users favor passwords that they can remember, and the research shows that this is going to be a hard habit to break. So instead of trying to change behaviors, provide your team with the information they need to build a safe password that they will remember.
1. Start with a sentence or two. For example, “Complex passwords are safer.”
2. Turn words into shorthand or intentionally misspell a word. For example, “ComplekpasswordsRsafer.”
3. Add length with numbers. Put numbers that are meaningful to you in the sentence. For example, “ComplekpasswordsRsafe2014.”
4. Variety. Don’t use the same password for everything. Cyber criminals can steal passwords from websites that have poor security, and then use those same passwords to target more secure environments.
Don’t Share Your Password
Anyone who has your secure passwords can impersonate you on the network. In a recent study of 2,000 respondents, research revealed that 51% of users put their personal data at risk by sharing usernames and passwords with friends, family, and colleagues. More than half destroyed their company’s IT security by sharing their desktop or email passwords and overriding logins.
Avoid These Common Password Pitfalls
Cyber criminals use sophisticated tools that can rapidly decipher passwords. Avoid creating passwords that use:
1. Dictionary words in any language.
2. Words spelled backward, common misspellings, and abbreviations.
3. Common letter-to-symbol conversions, such as changing "and" to "&" or "to" to "2".
4. Sequences or repeated characters. Examples: 12345678, 222222, abcdefg, or adjacent letters on your keyboard (qwerty).
5. Personal information that could be guessed or easily discovered. Your name, birthday, driver's license number, passport number, or similar information.
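The pitfalls above can be checked mechanically when a password is set. The following Python sketch is an added example, not part of the original article; the wordlist, most of the substitution table, and the function names are assumptions made for illustration, and it does not attempt the "common misspellings and abbreviations" part of item 2.

```python
import re

# Constructed sample wordlist; a real check would load a full dictionary or breach list.
WORDLIST = {"password", "dragon", "monkey", "sunshine", "welcome", "today"}
# Letter-to-symbol conversions mapped back to letters. "&" and "2" are the
# article's examples; the rest are assumed common ones.
SUBSTITUTIONS = str.maketrans({"&": "and", "2": "to", "@": "a", "4": "a", "3": "e",
                               "1": "l", "!": "i", "0": "o", "$": "s", "5": "s"})
# Character runs scanned for sequences: alphabet, digits, keyboard rows.
SEQUENCES = ["abcdefghijklmnopqrstuvwxyz", "01234567890",
             "qwertyuiop", "asdfghjkl", "zxcvbnm"]


def has_sequence(pw, run=4):
    """True if pw contains `run` adjacent characters of a known sequence, in either direction."""
    low = pw.lower()
    for seq in SEQUENCES:
        for s in (seq, seq[::-1]):
            if any(s[i:i + run] in low for i in range(len(s) - run + 1)):
                return True
    return False


def audit_password(pw, personal=()):
    """Return the names of the pitfalls that pw falls into (empty list if none found)."""
    low = pw.lower()
    stem = low.rstrip("0123456789!@#$%^&*")   # drop a trailing number/symbol suffix
    decoded = stem.translate(SUBSTITUTIONS)    # undo symbol swaps in what remains
    findings = []
    if stem in WORDLIST:
        findings.append("dictionary-word")
    if stem[::-1] in WORDLIST:
        findings.append("backward-word")
    if decoded != stem and (decoded in WORDLIST or decoded[::-1] in WORDLIST):
        findings.append("symbol-substitution")
    if has_sequence(pw) or re.search(r"(.)\1{2,}", pw):
        findings.append("sequence-or-repeat")
    if any(len(p) >= 3 and p.lower() in low for p in personal):
        findings.append("personal-info")
    return findings


if __name__ == "__main__":
    # Constructed sample passwords, one per pitfall.
    for sample in ["P@ssw0rd1", "nogard", "qwerty123", "222222", "dragon2014"]:
        print(sample, audit_password(sample))
```

Pass the user's own name, birth year, and similar details in `personal` so that item 5 is checked against what is actually guessable for that user.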