5 Password Basics to Keep Your Digital Life Safe

Passwords are the gatekeepers to most of our digital lives, and while they may seem like an antiquated way of authenticating who we are, good password basics are a key part of protecting us from damaging identity, data and financial theft. Did you know that 54% of people use 5 or fewer passwords across their entire on-line life? Or that on average, 6 unique passwords are used to guard 24 on-line accounts? With so many potential victims, cybercriminals follow a simple premise: go after the low-hanging fruit! Good passwords may not protect you 100% from hackers (there are other ways they can trick you into volunteering information), but they add a high enough level of complexity that attackers usually move on to the next easiest victim.

On World Password Day 2017, let's pledge to follow these password basics to keep our digital lives safe!

1. What makes a strong password?

When was the last time you heard, “you need a strong password, stop using 123456”? Probably every other day like a broken record. Let’s break the procrastination cycle and strengthen your digital life.
  • Good passwords have at a minimum 10 characters, using a mix of upper and lower case letters, numbers, symbols and punctuation marks. For truly good passwords, 12-14 characters is recommended.
  • Don’t use any information that might already be public, like personally identifiable information, important dates (birthdays/anniversaries), family member or pet names, and celebrities.
Quick tip for strong passwords: Think of a phrase that you can easily remember, like a line from a book or your favorite song, and use the 1st letter from each word to create what’s known as a passphrase. Just combine upper and lower case letters and replace some with numbers and symbols. For example, “strong and smart passwords make for good security” could be turned into S@$pm4Gs!*
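The rules in this section written as a check, together with a random generator of the kind a password manager offers (section 3). This is an added example, not code from the original post; the function names and the sample personal terms are assumptions made up for illustration.

```python
import secrets
import string

MIN_LENGTH = 10  # the article's stated minimum
SYMBOLS = string.punctuation

def check_password(candidate, personal_terms=()):
    """Return a list of problems; an empty list means the candidate passes."""
    problems = []
    if len(candidate) < MIN_LENGTH:
        problems.append(f"shorter than {MIN_LENGTH} characters")
    classes = {
        "upper case letter": string.ascii_uppercase,
        "lower case letter": string.ascii_lowercase,
        "number": string.digits,
        "symbol or punctuation mark": SYMBOLS,
    }
    for name, alphabet in classes.items():
        if not any(ch in alphabet for ch in candidate):
            problems.append(f"no {name}")
    lowered = candidate.lower()
    for term in personal_terms:
        # Skip very short terms so that initials do not cause false hits.
        if len(term) >= 3 and term.lower() in lowered:
            problems.append(f"contains public information: {term!r}")
    return problems

def generate_password(length=14):
    """Draw from the OS CSPRNG until the result satisfies check_password."""
    if length < MIN_LENGTH:
        raise ValueError(f"length must be at least {MIN_LENGTH}")
    alphabet = string.ascii_letters + string.digits + SYMBOLS
    while True:
        candidate = "".join(secrets.choice(alphabet) for _ in range(length))
        if not check_password(candidate):
            return candidate

if __name__ == "__main__":
    # Constructed sample inputs; the personal terms are made up.
    terms = ["Rex", "1985", "Garcia"]
    for pw in ["123456", "Rex1985!garcia", "S@$pm4Gs!*"]:
        print(pw, "->", check_password(pw, terms) or "passes")
    print("generated:", generate_password())
```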

2. Make unique passwords for every account

Here’s another broken record. Using the same passwords for several accounts can be a fatal mistake, especially for sensitive things like bank accounts. Hackers know that, for convenience, most people are likely to repeat passwords across accounts, so once they get hold of a set of passwords and email addresses, they’ll surely try them everywhere they can. Unfortunately, more often than not, they eventually succeed. But with an endless number of on-line accounts, how are you to remember complex and unique passwords? Hint: keep reading for the answer!

3. Use password managers

Password managers are on-line services that safely store all your passwords so that you no longer have to remember 15-20 different sets of credentials, especially after you’ve taken the time to make them complex. All you need to do is set up a single master password (following the strong password guidelines, of course) that you will use to access your account passwords through a browser or a smartphone app. What’s great is that many services are either free or have a very low price. Another great advantage of password managers is that they help you generate separate complex passwords for your accounts. You might be wondering, isn’t it riskier to have all passwords stored in one single place? The short answer is that password managers are not the end-all-be-all solution, but they are generally a great solution as they encrypt all your information and help you conveniently maintain strong, separate passwords for each account. To mitigate the risk of anyone accessing your password manager account, we recommend enabling multi-factor authentication, which requires additional steps beyond just user name and master password (check out step #4). At Envision, we are big fans of LastPass for password management.

For more details, read our post: Understanding Password Managers and Why You Should be Using One

4. Use multi-factor authentication

Multi-factor authentication (MFA) is just a fancy term for multiple ways to prove that you are in fact who you say you are, so that access is prevented even if your user name and passwords are stolen. Have you ever been asked for a verification code that is texted to your phone or email? Congrats! You’ve used multi-factor authentication. Other companies have made it even fancier through fingerprint verification or an external device like a USB that you plug into a computer when you want to access accounts. We strongly recommend using MFA for as many accounts as possible, particularly the most sensitive ones like financial, social media and email. To find out which websites support MFA, visit https://twofactorauth.org

5. Change passwords regularly

It’s always good practice to update your passwords at least once a year, with the most sensitive accounts changed every 6 months at a minimum. Sounds tedious? Not with your brand new password manager! Happy World Password Day 2017!  
Envision Consulting
