Best Password Security Practices

Strengthen Your Password

Discussions surrounding passwords occur from time to time, and for good reason. Throughout our daily lives, there are dozens of accounts associated with our email addresses and/or mobile phone numbers. Whether it is a personal or business account, proper precautions need to be taken and periodically reviewed to ensure these accounts are secure.

The reason this topic stays prevalent is due to the continuous data breaches that occur at an ever-increasing pace throughout the tech landscape. Many major corporations, such as Yahoo, Target, LinkedIn, Equifax, and Uber have had significant data breaches in recent years. Click HERE for the 15 biggest data breaches in recent years.

Cybersecurity experts recommend a strong, unique password for several reasons. Chief of which is that there are new malicious cyber threats that compromise websites and online accounts every day. The resulting information may then be posted online in the form of a list of usernames, email addresses, and passwords. It’s bad enough that such posts expose a user’s personal information and credentials for a given online service, but it’s even worse if that user has reused the same username and/or password across many accounts. All of which would be subject to infiltration (e.g. work-related, personal social media, or banking accounts).

This is why unique passwords matter just as much as strong ones. While a strong password (one consisting of 10-15 characters and including a combination of uppercase and lowercase letters, numbers, and symbols) is highly recommended, uniqueness further prevents a potential lateral compromise of other accounts, should a given password be disclosed outside of the user’s control.

A recommendation for employing strong, but memorable passwords, is through the use of passphrases (a string of words). For example, “IEnjoyMYJob100%!” or “VFamilyOF4$” or “TV&Wine*Time!”. Instead of one word or a random string of characters, stringing multiple words together to create a much longer, but easier to recall password is an excellent method for increasing password strength. Mixing up capitals, along with the usage of numbers and special characters is always suggested.

As you follow the above recommendations, you should also consider using a password manager (an application that runs on your computer, smartphone, or in the cloud) to help you securely manage and store your passwords. Such managers can even help you generate a strong, random password for each account. Well-known examples of these are LastPass, Keeper, Dashlane, 1Password and Password Boss.

During the login process, you may also notice that Multi-Factor Authentication (MFA) is becoming more common. MFA is when you login to an account (with your username and password), and are prompted to provide a time sensitive code, usually received via a text message, phone call, or an authenticator app on your mobile phone. Although a strong password or passphrase is still a very effective means of securing your accounts, adding a second layer of authentication, like MFA, provides significantly more protection. While it is possible an attacker could have compromised a given account’s password via a data breach, it is very unlikely that they would also have physical access to your phone. The rise in cybercrime requires stronger security measures, and it is recommended to enable and utilize MFA wherever you are able.

Implementing new password and passphrase measures is vital in protecting the increasing amount of personal data that is stored online. While strong, unique passwords and the use of MFA are vital steps in securing your data, if you have any reason to suspect an account has been comprised, it is best to be safe and change your password as soon as possible.

If you are interested in learning more about staying protected, please feel free to contact us at www.EdmundsGovTech.com/IT to see how Edmunds GovTech Managed Services can help your organization.

Resources:

Click HERE for a recent article with helpful tips.

Click HERE for a quick video from National Institute of Standards and Technology (NIST).

Related Articles

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Related Articles

Efficiency and Excellence: Celebrating Administrative Professionals

Edmunds GovTech Case Studies: A Glance into Enhancing Local Government Operations

Cyber Security Awareness: Are You Ghosting Hosting?