Three Powerful Password Tips – #BeCyberSmart
October is marked globally by various countries and organisations as Cybersecurity Awareness Month. The theme for 2021 is “Do Your Part. #BeCyberSmart.”
At iSite Computers, we’ve dedicated this month to publishing a four-part series aimed at creating awareness on fundamental cybersecurity practices for small to medium-sized businesses in South Africa. Share this article series with your employees to stress the critical basics of IT security in order to keep your business protected.
This is Part 1 of 4.
Are your password practices putting you at risk? For many devices and online accounts, a password is the only line of defence. In this article, we cover three simple, yet powerful tips for stronger password security.
(1) No One Needs Your Password, Ever
Here’s an easy way to tell if someone is trying to steal your data:
They ask for your password.
No person ever needs your password. Not your boss. Not your co-worker. Not the tech support lady on the phone.
Anyone who legitimately needs to access your system can get in without your password. They have privileges on your system necessary to their jobs, and they can get into your account without your password.
The only reason someone needs your password is to fool a computer or an online service into thinking they are really you. Be careful. That’s not legitimate behaviour.
(2) Use a Passphrase, Not a Password
You’re really bad at creating passwords.
Don’t worry, most people are.
In fact, hackers can usually guess your password because most people pick really common, really simple, and really insecure passwords. The longer and less common your password, the harder it is for hackers to guess.
But lengthy, complicated passwords are also harder to remember.
That’s why you shouldn’t use a password: You should use a passphrase.
A passphrase is a short sentence that’s easy to remember but, hopefully, harder to guess. For example, instead of using your daughter’s birth date as a password, use “I love my dau8ter 4-ever” as a passphrase.
You probably can’t remember a 16-digit random string of numbers and letters, but you can remember that you’ll always love your daughter (and that you used a funky number and punctuation combo to spell ‘daughter’ and ‘forever’). And, best of all, hackers won’t be nearly as likely to guess it.
(3) Use 2FA Wherever You Can
Hackers steal millions of passwords every year – through no fault of the users that lose them.
That’s why you need a second line of defence: 2FA.
Two-factor authentication, or 2FA, is like installing a deadbolt above the lock already in your computer’s door. Thus, if a hacker wants to get inside your computer, they would need to steal two different keys.
For example, various banking websites can be set up to send special codes to your smartphone – either by SMS or through an app – which you must combine with your password to log in.
With 2FA, a hacker has to do more than steal your password to hack into your bank account. Hackers would need to steal your password and physically steal your smartphone to get in, and that is far less likely.
Book a Free #BeCyberSmart Consultation for Your Business
Password security starts with implementing fundamental best practices like these. Not sure how to start or where to go from here?
Book a free, no-obligation cybersecurity consult with iSite Computers. We’re here to help.