Properly creating and managing passwords is an important part of any cybersecurity routine.
Here are a few steps you can take to strengthen your passwords and reduce cyber risk for yourself and to your organization.
Use Passphrases
A passphrase is a phrase that is easy for you to remember but modified with a combination of upper- and lower-case letters, numbers and special characters. For example, the phrase “I like sailing on the sea” can be modified to create the passphrase ilikeSa!ling3onthesea.
Passphrases are much easier to remember than a random string of characters. And because passphrases tend to be longer, they are also harder for hackers to crack. Experts recommend putting upper-case letters, numbers and symbols in the middle of the password—not at the beginning or the end. You can also add spaces to your passphrase.
Best Practices
- Do not write passwords down.
- Do not leave passwords in unprotected files.
- Never share passwords.
- Never use the same password for different accounts.
- Always lock your devices; set auto-lock to a short time frame when available.
- Turn on biometric features when available.
Multifactor Authentication
Multi-Factor Authentication (MFA) simply means at least two forms of verification are required before gaining access to a system. As a common example, it’s something you do now when you use an ATM: You insert your card, and also have to enter your PIN. Using MFA when you log onto a website provides a similar additional level of security, so activate it whenever possible using any two of the following:
- Username &
Password - SecurID
Token - One-time PIN
- Biometric
Identification