With so many threats to look out for, some business owners make the mistake of thinking that a simple security tactic such as your password is ineffective – but that’s not true. Your password is your first line of defence, keeping hackers and other intruders from accessing devices, resources, and applications that could seriously compromise data.
However, trying to decide on a ‘strong’ password has become increasingly complicated. Many of the tricks and tactics suggested by experts over the years have proven to be less than effective. As it turns out, it’s not just the target audience taking this advice to heart; the hackers have been listening, too.
It may be easier to cover what doesn’t work these days than what does, so let’s start there:
- Long passwords don’t work, because if you impose a specific character limit, most people will select a password that it exactly that many characters. Knowing how many characters are in your password makes it possible for a hacker to narrow the possibilities from billions to thousands.
- Complicated passwords don’t work well, either. By forcing a person to include numbers or symbols, there is a tendency for most people to create a similar pattern with the position of capitals, numbers, and symbols within a random string, or make common substitutions with numbers and symbols. Hackers know to looks for these patterns and substitutions.
- Surprisingly, setting passwords to expire does more harm than good. It results in people taking shortcuts. For example, using password1, password2, password3 etc. out of sheer frustration at constantly having to update and then try to remember new login information. Passwords start off weaker than would be preferable, and then become even weaker due to the predictable pattern.
So where exactly does that leave you? The recommendation going forward is relatively simple; use a password that is unique to you – but not something obvious like a birth date or pet’s name – and don’t use the same password for multiple websites or services.
If the idea of having to remember dozens of different passwords does not appeal to you, you should consider using password management software. There are great options on the market for low cost, and you’re able to gain peace of mind knowing you’ve added an extra layer of managed protection.
For individual users, software like LastPass, KeePass, Roboform, or PasswordSafe are a good place to start. For businesses, we recommend an enterprise level password security solution, which tracks who has accessed which passwords, for example.
Don’t let something as simple as password security slip through the cracks. With so much that’s out of your control in the realm of IT security, this is one thing you can take into your own hands and ensure works to your advantage.
To learn more about the most effective ways to protect your business against emerging threats, including cloud-based credential management from K&M Systems Intergration, reach out to our team of technology experts. Contact us at firstname.lastname@example.org or (403) 274-7848.