Information Security – Episode 1 Password Management
Security can be complicated at times. Other times it couldn't be any more simple. Passwords are the first line of defence when securing your personal information online, or sensitive company information on a network. It is so important to give them the respect they deserve and to choose a password that is difficult to guess yet remains easy for you to remember.
Always change a default password provided to you, never write your passwords down, try not to re-use your passwords and never share them. Imagine if your passwords were your house keys: you would probably change the locks when you first move in, you wouldn’t hang a set of keys up outside of your front door; you wouldn’t have the same key unlock each door in your property; and certainly wouldn’t give a spare set to everyone in your road. Treat your personal or company sensitive information with the same concern as you would for the valuables within your home.
While complex password structures may be very secure. The letter/number/special character combo, combined with different character limits for every application is likely to leave your head spinning in trying to remember what you set that password as. Of course, we would never write a password down! So, how do you remember your passwords?
The current password guidelines being circulated are to combine three random words to create one long, yet memorable password. EndlessGiraffePants – I’ll eat my hat if someone managed to guess that yet, I think I'll do quite well to forget it. Unfortunately, many systems and applications have not yet caught up on changing trends and still insist on making you use those complex combos, almost begging you to write your password down - lest you end up forgetting it. In these cases, we recommend using one of the many reputable password managers out there to secure your passwords. Keeper Security is our particular favourite (get in touch for a quote).
Never before has something so useful been so difficult to adopt into standard practices. With respect, get over it. If MFA is an option that is available to you on an account, always choose to set it up. It makes it almost impossible for an attacker to log into your system or application if your password does ever become compromised. The epitome of a "no brainer"...
Information may well be the most valuable resource for most businesses so be sure to take the necessary steps to protect it, starting with your first line of defence.