Is your email password secure? What about your Google account password? How about your LinkedIn password? At least they’re not all the same password…are they!?
Even if you have complete confidence in your password, can you say the same for everyone else in your organisation? Improving your password security should be the first step you take to protect your business. In this article we’re going to cover what makes a strong unique password, as well as a piece of technology called a password manager – which lets you use extremely secure passwords without needing to remember long strings of random characters.
What Makes A Strong Password?
There are three key elements to a strong password, length, complexity, and uniqueness. If you are implementing a password policy in your business, these three points should form the foundation of your policy.
The longer a password is, the longer it will take a hacker to break it using brute force method. Many websites and services insist on a minimum number of characters in a password (normally 6 to 8 characters), but if you can use even more, it’s good practice to do so.
Passwords which include numbers, capital letters, and special characters (&, %, £, “, etc.) are significantly more secure than those which just use lowercase roman letters.
It is a bad habit to reuse passwords. If a hacker steals or cracks one of your passwords, the first thing they are going to do is try that same username/email and password combination on every other account they can think of. If you use the same password for everything, you are putting every account at a far greater risk of being hacked. Use a unique password for every account – and we mean genuinely unique, not the same password but with a “1” added after it.
So, taking all these factors into account, your passwords should look less like “apples” and more like “32OpvdIh04vFoNlYOPJDCgfo”. A password like that might seem impossible to remember, let alone having to have different ones for every service or device you use. Luckily, there’s a way you can have multiple, unique, ultra-strong passwords without having to remember them…
A password manager is a cybersecurity tool which generates extremely strong passwords. These passwords are then encrypted and stored in a “password vault”. This vault is then secured by another strong password known as your master password.
When you need to enter a username and password, you can log in to your password manager and copy and paste the password. Better yet, most password managers have browser extensions and mobile apps which can auto-fill your passwords for you.
If you already use Google Chrome, or have an Android device, you might be familiar with Chrome’s own saved password feature which automatically fills passwords. This is an effective commercial password manager, but it lacks the features required to be used as a business-grade password tool.
Password managers offer an effective way to generate and store passwords and using one can encourage you to have better habits around the password management. Many password managers also have features which will automatically scan for duplicate passwords and prompt you to change them. Some will even alert you if one of your passwords is leaked online – giving you the chance to replace it ASAP.
The risk associated with a password manager is that your master password is a single point of failure. While we believe the overall benefits of password managers outweigh the risk, it is still something to be aware of. To mitigate this risk, you’ll want to choose a very strong master password.
Because your master password will now be the only password you’ll need to remember, you should use several words or even an entire sentence as your master password, with a few numbers and symbols thrown in for good measure. Many password managers also support multi factor authentication for an added layer of security.
Need Help Improving Your Password Security?
Our team have helped businesses to improve their password security and implement effective password policies across their organisation. If you are worried about your password security and would like professional IT help, speak to our team today.