May 4

Cybersecurity Password Best Practices

So, your go-to password of choice is 9fW9”wTx££(fw3/? 

Stop lying to me. Everybody knows you have a cockerpoo named Frisky so your password is Fr1sky. Don’t be ashamed, you’re only human (hopefully?), which means you find it easier to remember pet/kid-based passwords than ones that make no sense. It’s just science.

Unfortunately, passwords that are easy for us to remember are also easy for hackers to break, and that’s why you need to pay attention to cybersecurity password best practices to ensure a strong password policy. So, what makes a password policy strong? We’re glad you asked. You’re looking at something that includes:

  • Guidance on cybersecurity password best practices for your team.
  • Methodologies for reducing the need for your team to actually remember a password.

So, let’s check out our four tips for a super-strong password policy.

How Do Hackers Even Guess My Password? 

It’s not about guessing. They’re not mind readers. But they do have some clever ways of busting your password wide open and here are just some of them:

  • Tricking you into divulging your password or log-in details through phishing emails, texts, or calls. 
  • Using specialist software to run through password combinations until – open sesame! – they hit on the right one. These are called “brute force” attacks because there’s nothing delicate about them.
  • Using more specialist software to decrypt stored encrypted passwords. Yikes!
  • Tracking your keystrokes – called keylogging. 

Hackers also know that we often use the same or similar passwords for a ton of different sites and applications, because we just don’t have the capacity to remember lots of different complex passwords. Yes, password fatigue is a thing, folks. 

Cybersecurity Password Best Practices: Our Four Top Tips 

Have a Policy 

Good policies make everything better. Putting together a policy based on cybersecurity password best practices makes you think about how you’re going to tackle password protection and management and articulates everyone’s responsibilities toward grown-up password practices. It’ll also be part of your compliance adventure.

Reduce the Need for Passwords

Having fewer passwords to remember cuts down on that pesky password fatigue. It’s so much easier to remember one difficult password than a dozen. Honest. Try it. So, how about:

  • Cloud single sign-on: Imagine a single password that opens up a magical treasure trove of accounts, apps, whatever, etc. Don’t dream it, be it. Cloud single sign-on is an identity authentication tool that lets your team sign into multiple cloud-based resources using just one password. Obviously, you’ve piled a load of security protocols on that single doorway, such as a ton of encryption. 
  • Multi-factor authentication: You do this when you log into your bank account. Multi-factor authentication relies on something you know (e.g., your password) and something you have (e.g., your phone for that code they send you). Add in biometric authentication for the technicolor authentication experience.  

Change Passwords Regularly

Annoying, but sensible. Keeping with the same old pa55word is an open door for those cybercriminals. Keep ‘em guessing by updating that bad boy. And, with the beauty of mobile device management, you can force your team to change their passwords on a regular schedule. Oh, the power. 

Strengthen Existing Passwords

If cloud single sign-on isn’t practical for you, password managers like 1Password and Dashlane make it easy to create and ‘remember’ strong, unique passwords that are different for each user and account they use. They’ll auto-create hard-to-bust-open, super-long passwords for each account and keep them stored in a vault. You’ll just need to remember one single master password, which ideally should:

  • Be over 16 characters long.
  • Include a combination of non-consecutive letters, numbers, and symbols.
  • Exclude common words or numbers, private information, or any publicly accessible details.
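
An added example, not from the original post: a Python check for the three master-password criteria above, which also catches look-alike spellings such as Fr1sky and pa55word. The three-character sequence rule, the leetspeak table, and the sample word list are assumptions made for illustration.

```python
# Leetspeak substitutions so "Fr1sky" and "pa55word" normalise to plain words.
LEET = str.maketrans("013457@$!", "oieastasi")

# Constructed sample denylist (assumption); a real policy would load a larger one.
COMMON_WORDS = {"password", "qwerty", "letmein", "welcome", "admin"}


def has_sequence(pw, run=3):
    """True if pw holds `run` ascending or descending characters, e.g. abc or 321."""
    for i in range(len(pw) - run + 1):
        chunk = pw[i:i + run].lower()
        if not chunk.isalnum():
            continue
        steps = {ord(b) - ord(a) for a, b in zip(chunk, chunk[1:])}
        if steps in ({1}, {-1}):
            return True
    return False


def check_master_password(pw, personal=()):
    """Return the list of failed criteria; an empty list means pw passes."""
    problems = []
    if len(pw) <= 16:  # the policy says *over* 16 characters
        problems.append("length")
    kinds = (str.isalpha, str.isdigit,
             lambda c: not c.isalnum() and not c.isspace())
    if not all(any(kind(c) for c in pw) for kind in kinds):
        problems.append("character mix")
    if has_sequence(pw):
        problems.append("sequence")
    # Compare both the raw and the de-leeted form against banned tokens.
    lowered = pw.lower()
    forms = (lowered, lowered.translate(LEET))
    banned = COMMON_WORDS | {p.lower() for p in personal}
    if any(word in form for word in banned for form in forms):
        problems.append("common or personal")
    return problems


if __name__ == "__main__":
    # Constructed sample inputs; "Frisky" stands in for known personal details.
    for candidate in ("Fr1sky", "pa55word", "tR7!mq2$Vx9#Lw4&Zp"):
        print(candidate, check_master_password(candidate, personal=["Frisky"]))
```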

A Strong Password Policy Will Uglify You, Which Is Good

You’re a grown-up and that’s why you’re interested in cybersecurity password best practices that not only keep our SEO people happy but make your business really, really unattractive to hackers. A strong password policy will uglify you, in a good way. Want to find out more? No? What’s wrong with you? Call us now.

Ignition is Silicon Valley’s best (and friendliest) IT security, compliance, and support team. Contact us now – chatting about IT support and cybersecurity is our favorite thing to do!
