
12 Password Best Practices

April 28, 2022

With the business world so heavily reliant on digitalisation, the use of technology in your organisation is unavoidable. Although technology can undeniably give your business an advantage in increasingly competitive markets, there are many troublesome areas to keep an eye on.

Password protection is a good place to start if you want to ramp up your cyber security. However, because of the frequent use of passwords, people tend to overlook their significance and make careless mistakes, which could lead to breaches in security. To mitigate these risks, businesses must make it a priority to educate employees about best practices when using passwords.

Six Password “Don'ts”

Protect the confidentiality of your passwords by following these six password “don’ts”:

  1. Don’t write passwords on sticky notes
    Although you may feel that writing down passwords improves password protection and makes it more difficult for someone to steal your passwords online, it can make it easier for someone to steal your passwords locally.
  2. Don’t save passwords to your browser
    Web browsers are poor at protecting passwords and other sensitive information like your name and credit card number. They can easily be compromised, and a wide range of malware, browser extensions and software can extract sensitive data from them.
  3. Don’t iterate your password (for example, PowerWalker1 to PowerWalker2)
    Although this is a common practice among digital users because it makes remembering easier, it is unlikely to protect against sophisticated cyber threats. Hackers have become far too intelligent and can crack iterated passwords in the blink of an eye.
  4. Don’t use the same password across multiple accounts
    If you do so, you are handing cyber criminals a golden opportunity to exploit all your accounts.
  5. Don’t capitalise the first letter of your password to meet the “one capitalised letter” requirement
    Out of habit, most of us tend to capitalise the first letter of our passwords to satisfy the “one capitalised letter” requirement. However, hackers are aware of this, making it easy for them to guess the capitalised letter’s position.
  6. Don’t use “!” to conform with the symbol requirement
    If you must use it, don’t place it at the end of your password. Placing it anywhere else in the sequence makes your password more secure.

Six Password “Do’s”

Protect the confidentiality of your passwords by following these six password “do’s”:

  1. Create long, phrase-based passwords that exchange letters for numbers and symbols
    For instance, if you choose “Take the kids to the park” write it as “t@k3theK!ds2theParK”. This makes your password harder for hackers to crack.
  2. Change critical passwords every three months
    Passwords protecting sensitive data must be handled with caution because there is a lot at stake if they are compromised. If you use a password for a long time, hackers may have enough time to crack it. Therefore, make sure you change your critical passwords every three months.
  3. Change less critical passwords every six months
    This means you need to decide which passwords are crucial and which are not. In any case, regardless of how critical they are, it’s good practice to change your passwords every few months.
  4. Use multifactor authentication
    It’s your responsibility to do everything in your power to keep cyber criminals at bay. One of the best approaches is to barricade them with multiple layers of authentication.
  5. Always use passwords that are longer than eight characters and include numbers, letters and symbols
    The more complicated things are for hackers, the better.
  6. Use a password manager
    A password manager, like MyGlue, can relieve the burden of remembering a long list of passwords, freeing up time for more productive tasks. MyGlue is a simple password and process management platform that offers an easy-to-use hub for storing business information. The data is stored centrally and accessible via any device. The information is logically organised, easy to find through a powerful search tool, and completely secure. We described the features and benefits of MyGlue in a recent blog: https://www.quintech.co.uk/improve-collaboration-and-efficiency-with-secure-business-documentation/
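
The pattern-based rules from both lists above (don'ts 3, 5 and 6, and do 5) can be checked automatically when a password is set. The sketch below is an added example, not part of the original article or of any Quintech or MyGlue product; the function names, finding codes and the sample `Sunshine1!` are constructed for illustration, and `previous` is assumed to be the current password the user types in when changing it.

```python
import re

def _stem(password):
    # Strip a trailing run of digits: "PowerWalker2" -> "powerwalker"
    return re.sub(r"\d+$", "", password).lower()

def check_password(candidate, previous=None):
    """Return a list of finding codes; an empty list means no rule was broken."""
    findings = []
    symbols = [c for c in candidate if not c.isalnum()]
    capitals = [i for i, c in enumerate(candidate) if c.isupper()]

    # Do no. 5: longer than eight characters, with letters, numbers and symbols
    if len(candidate) <= 8:
        findings.append("too_short")
    if not any(c.isalpha() for c in candidate):
        findings.append("no_letter")
    if not any(c.isdigit() for c in candidate):
        findings.append("no_digit")
    if not symbols:
        findings.append("no_symbol")

    # Don't no. 5: the only capital letter is the first character
    if capitals == [0]:
        findings.append("first_letter_capital")

    # Don't no. 6: "!" used as the only symbol, and "!" placed at the end
    if symbols and set(symbols) == {"!"}:
        findings.append("bang_only_symbol")
    if candidate.endswith("!"):
        findings.append("bang_at_end")

    # Don't no. 3: same as the previous password apart from trailing digits
    stem = _stem(candidate)
    if previous is not None and stem and stem == _stem(previous):
        findings.append("iterated")
    return findings

if __name__ == "__main__":
    # The first two samples come from the article; the third is constructed.
    samples = [("PowerWalker2", "PowerWalker1"),
               ("t@k3theK!ds2theParK", None),
               ("Sunshine1!", None)]
    for candidate, previous in samples:
        print(candidate, check_password(candidate, previous))
```

Reuse across accounts (don't no. 4) cannot be detected by a check like this, because it only sees one account's password.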

How can Quintech help?

Adhering to password best practices requires constant vigilance and effort on your part. As a result, it is best to work with an expert managed IT support provider like Quintech who can help you boost your security and put your mind at ease. For a no-obligation consultation on your business needs, get in touch on 01684 887200 or email info@quintech.co.uk.
