The Do’s & Don’ts of Passwords | Fraser Valley I.T. Support
In a 2020 Data Breach Report, Verizon discovered that 80% of hacking-related breaches involved passwords. Lost passwords. Stolen passwords. Phished passwords. These days, we may be seeing more alternatives in use, like fingerprint scanners and face recognition… but we are still years away from ditching passwords completely.
So, here are some dos and don’ts when using passwords…
Don’t – Pick a password that is easy to guess.
Do – Come up with a long, strong password.
A quarter of users still use obvious passwords like 123456, password and qwerty! Also, a 2019 survey found that 59% of passwords used a birthday. You do not want to use any information that is well known or easy to find out. So, avoid things like family names or pets’ names.
The longer the password, the harder it is to guess. So, use at least 10 letters. Short random sentences work great. Also, if possible, add in a mix of upper and lower case, symbols and numbers. We have a great blog post on fun ways to think of new passwords.
Not All Recycling is Good!
Don’t – Reuse passwords for multiple accounts.
Do – Use a unique password for each account you have.
The average person has 70-80 password-protected accounts… so, the average person SHOULD have 70-80 different passwords! But all too often, they do not! In fact, after analyzing a database of leaked details from security breaches, Microsoft found that 44 million accounts were reusing passwords! So, if just one of your accounts turns up in a data breach, your details can then be used for every other account you used the same password for.
Don’t – Share your password with anyone.
Do – Keep it to yourself!
They say sharing is caring… but, like germs, it’s not a good idea to share passwords! It happens a lot. Too much! Remember that survey we mentioned earlier? They found that 43% of users shared their password with someone else.
Don’t – Keep your passwords on sticky notes, on your desk!
Do – Store your passwords somewhere secure, like a password manager.
You would be amazed at how often we see office machines with sticky notes on them containing passwords! Password managers are a great way to store all those passwords. And MUCH safer! They use multifactor authentication and data is encrypted at a local level.
Change It Up
Don’t – Keep the same passwords forever.
Do – Change them regularly!
Passwords are like underwear. They should be changed often! Some systems/accounts can be set up to expire passwords after a set amount of time. Alternatively, you can set up regular reminders.
Obviously, it is best to be proactive, but you also need to be quickly reactive when data breaches happen. If you receive notification of a data breach for a provider you have an account with, it is important to change your password as soon as possible. Seems like common sense, right? However, Google found that only 45% of users said they would change their password after being notified of a data breach!