Best Password Practices

Poor quality passwords and lax password rules within organizations are huge threats to cyber security. It’s important that as a business owner, you understand how strong passwords can be created, and why they are effective.

It’s alarming that, we still see “password”, “abc123” and “123456” listed in a number of common password surveys. These passwords are also listed amongst the worst by research firms. They’re common, simple to guess, and any malicious party that knows their way around a network will without a doubt try these first when attempting to illegally access a computer or network.

By improving password rules within your organization, you will add an additional layer of security over your data, reducing the chances of costly and potentially business-ending data loss.

4 Tips to Help Improve Passwords

  1. Stop Using the Same Passwords for Different Applications or Systems
    Although it might be more convenient for you and your employees to use the same credentials (like usernames and passwords) for different applications and systems, this will only increase the security risk to your organization. If a password is compromised, then a malicious party could potentially gain access to every secure system or piece of software that uses the same password.
  2. Use Passphrases Instead of Passwords
    A password typically refers to a single number and letter combination that is 10 characters or fewer. Passphrases are combinations of multiple words and numbers, which can include spaces between words. Passphrases are harder to guess and harder to crack through brute force hacking methods. Another benefit of passphrases is that they’re easier for staff to remember.
  3. Passwords Should Be Changed Periodically
    In some organizations, password resets are enforced on a 30-day rollover basis. The exact duration of password validity depends on your business, your resources, and the perceived level of risk. Resets every three months should be considered for smaller organizations.
  4. Don’t Allow the Reuse of Credentials
    When adhering to the practice of password expiry and regular password changes, it’s important not to reuse credentials. Passwords compromised in the past could then become a security hole if they are used again. This is more inconvenient for users and it can be a point of contention in the corporate world. However, preventing the reuse of credentials could significantly increase password security within your company.

Improve Security with a Managed IT Service

Strong passwords are just one aspect of good data and cyber security. If your business collects and stores any kind of digital data, or uses computer systems for core business, then you will need the best security that you can get.

Managed IT services and consulting will allow you to develop the best password rules, IT policies, and overall security policies that will protect your business from the risk of internal or external data theft.

Scroll to Top