Although passwords are just strings of characters, they are effectively what stands between security and disaster. Imagine what would happen if your passwords were leaked or cracked. Here are a few examples of what hackers and cyber criminals could do:
Social media – post offensive messages, causing brand damage and a loss of fans
Computer – install software to track all of your activities, such as entering bank information
Online bank accounts – steal your money
Confidential files – steal your marketing plans and sell them to competitors, causing you to lose out on big contracts
Email – send malicious emails, leading to the installation of viruses
Smartphones – access your organisation’s cloud-based files
I’m sure that all organisations and individuals want to avoid any of the above events happening to them, so why do so many people have weak passwords?
A common answer to that question is ‘because it’s easy to remember’ or ‘quicker to type in’ – if you’re one of those people, then frankly you shouldn’t be given access to anything which requires a password.
Passwords are much easier to guess than most people think. I bet that if your password requires a number or a special character, it’s at the end. I bet it’s also one of these:
If I’m wrong, then good! If I’m right, then part of your password has just been guessed by someone who works in marketing – think how much of it a hacker or a computer could guess…
Here are 3 simple tips for creating a more secure password:
When you think of a password, imagine something completely random that has no connection to you. By not using the names of your children, your birthday or the street you live in, you reduce the chance of someone who knows you simply guessing your password.
Instead, grab a dictionary and pick 3 random words. Now mix them together into one word that you won’t find in any dictionary.
For example, if your 3 words are Cheese, Machine and Farm, you might make it Farcheeine. Now throw some numbers in there: F4rChe3ine. Sure, it might be hard to remember at first – but you’ll eventually be able to remember it without scratching your head.
Store it in your mind
Even if you find that your password is hard to remember, you need to refrain from writing it down somewhere. Instead, just keep saying it in your head now and then until you get fed up of hearing it. Trust me, if you can remember the lyrics to an endless number of songs (which I know you can) – then you can remember a password.
Don’t go for the minimum
Most systems will have a minimum number of characters required for a password – this doesn’t mean go for the minimum. If it requires at least 7 characters including a number, then make your password 14 characters long with 2 numbers.
These 3 simple steps will increase the strength of your password significantly; just make sure you do it all over again in 3 months.
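The advice above can be turned into a self-check. The Python function below is an added example, not part of the original article: it reviews a candidate password for personal details (including ones disguised with digit swaps), for the "number at the end" habit, and for the article's 7-to-14-characters, 2-numbers guidance. The name review_password, the personal_terms list, the doubling rule generalised from that one example, and all sample passwords are assumptions made for illustration.

```python
import re

# Common digit-for-letter swaps, undone before looking for personal details.
UNSWAP = str.maketrans("4301", "aeoi")


def review_password(password, personal_terms, minimum_length):
    """Return a list of findings based on the article's advice."""
    findings = []
    lowered = password.lower()
    plain = lowered.translate(UNSWAP)

    # Tip 1: nothing that someone who knows you could simply guess.
    for term in personal_terms:
        t = term.lower()
        if t and (t in lowered or t in plain):
            findings.append(f"contains personal detail: {term}")

    # The article's bet: the number or special character sits at the end.
    if re.fullmatch(r"[A-Za-z]+[^A-Za-z]+", password):
        findings.append("numbers or special characters appear only at the end")

    # Tip 3: the article's example doubles a 7-character, 1-number minimum.
    # Applying "twice the minimum" to any system is an assumption of this example.
    if len(password) < 2 * minimum_length:
        findings.append(f"shorter than {2 * minimum_length} characters")
    if sum(ch.isdigit() for ch in password) < 2:
        findings.append("fewer than 2 numbers")
    return findings


# Constructed sample input: the pet name, year and "T0wel" suffix are invented.
SAMPLES = ["Rover1987", "R0ver!", "F4rChe3ine", "F4rChe3ineT0wel"]

if __name__ == "__main__":
    for pw in SAMPLES:
        result = review_password(pw, ["Rover", "1987"], 7)
        print(pw, "->", result or "no findings")
```

Run against a 7-character minimum, the article's own F4rChe3ine is flagged only for length, which is the point of the third tip.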
Think about your employees. Although you don’t necessarily control the strength of their password, the minimum you could do is to raise awareness of information security and what is considered best practice.
If your staff haven’t been exposed to a form of information security training, then chances are they don’t know what is classed as a secure password. You need to make sure that all of your staff have a healthy knowledge of password security, otherwise your organisation will face the consequences.
Take a look at IT Governance’s Information Security E-Learning Course which teaches your staff about basic information security principles and what they should and shouldn’t do.