Individuals and businesses can spend thousands of dollars securing their digital data. You can get the latest anti-virus software, use encrypted emails, and have secure firewalls. All of this is money down the drain if you do not have secure passwords. Passwords by their nature are supposed to be secure and a method to identify someone with permission to access a particular account.
The problem and the danger lie in the fact that everyone and their mother wants or needs you to create a user account with a password. For ease or sanity, you end up using the same password for everything. This is done out of a fear of forgetting, wanting to minimize the hassle of remembering, or the concern that if you write it down it is less safe.
Though passwords are not the be-all and end-all of security, they are a first line of defense. It is important for businesses that grant employees access to sensitive data to evaluate their password security. Many of these strategies can and should be employed in your personal use of passwords as well.
Today, it is not uncommon for businesses that require users to log in to their workstations to implement a mandatory new password program every 90 days. Though not a guarantee of security, it is far better than how most of us individually, and many small and mid-size businesses, manage passwords. While every 90 days may be too much for you and your business, there are some key things to consider when it comes to protecting your online or software passwords.
Type of Business or Website
If you are a business that has a lot of turnover due to seasonal or temporary hires, it is in your best interest to employ a 90 – 120 day password strategy for your employees. This will improve the security of your systems and reduce the chance of a terminated employee accessing information in your system after their employment has ended.
For businesses with several portals or computers where employees log in, whether to record time or order parts, a password strategy may also be in order to protect you and your employees from rogue customers who watch employees log in and steal their login information.
For individuals, if the website has your direct banking information or a stored credit card that allows you to shop and buy in a matter of a few “clicks,” then you would be safer if you changed your password more often. If you like the convenience of not having to dig out and punch in your credit card number each time, then take the steps to protect yourself.
Keeping up with the Passwords
There are many digital methods to keep up with your passwords – whether through the internet browser feature that remembers passwords, password storage apps, or software that you can install on your computer to track the expanding universe of passwords. Some people use a rolodex or address book stored in a conspicuous location.
A tip: When writing down the password, do not write it out in its entirety. Use only the first two and last two characters or the first, middle, and last character. When you see it, you’ll know. Second tip: When you change your password, be sure to scratch through, black out, or delete the old password.
Type of Passwords
The key with passwords is to not fall into the trap of easy memorization. Avoid number sequences (12345, 98765, 0000), generic phrases (password, login, iloveyou), your initials and birthday, your kids' names and birthdays, the names of your pets, the names of your parents, or even where you work. Many have shared with me that they look at passwords as a chance to make themselves laugh or smile, to give themselves motivation, or to be reminded of someone they care for when they type them in. Be creative with your passwords, change them regularly, and improve your chances of keeping your information safe.