The always in fashion technical crime (hacking) runs on the idea of guessing or stealing a password. Passwords are a tiny piece of the puzzle that protects user identity. They are the keys that unlock access to various applications over the internet. These applications could be sensitive in nature depending on the quality of conversation undertaken over a specific touch-point. Although even when the least vulnerable system has been attacked – it poses a threat to the existence of passwords and the value attributed to security by its users. We keep losing our passwords. Organisations may end up ignoring educating users about password best practices. While a user may end up writing one’s user name and password on a chit, the aftermath could be huge.
IT Admin's Delight!
Attending to a set of best practices can set you apart when it comes to cyber security related to mismanagement of passwords.
Here is a list of password best practices that you need to follow as well as pass on to the users – employees, vendors, clients, customers…
- Refrain from including personal information in your password. Your password should never contain any personal information – name, user name, company name, spouse name, city name, college name, etc.
- It is highly discouraging to pen down your password – never write your password anywhere rule. It opens up a window for cyber theft. Even a sweet colleague may end up stealing and putting you in the spotlight for accessing confidential information.
- Keep your password dear to you. Stick to the protocol of never disclosing your password to even closest associates. The moment you say it out loud – there are people who want to know what’s up with you.
- Keep your devices password-protected – mobile phone, iPad, laptop, desktop. With BYOD/CYOD policies come to the clause. If you lose your mobile, the least you can do from preventing a thief to access the details on your mobile is to place a password.
- Avoid sticking to easy to guess passwords. If your password is password1234 then the time to change is now. Such passwords can pave way for hackers breaking past your login as your read this.
- Passwords need not be complex, create a mnemonic of words in your password. Play with numbers, symbols, uppercase, lower case – if you make a story of your password the chances of forgetting it is bleak
- Change your passwords regularly. There are notifications that prompt users to change passwords. We know it is painfully irritating to change and memorization a new one, but it is all about stopping theft.
Stick to these password best practices. Passwords being a vital component of system security are targeted via phishing or social engineering. Make sure you stick to these and educate people around you to exercise caution when it comes to protecting one’s identity online – and this starts with password protection.