Did you know that more security breaches occur on computer systems due to the use of poor passwords than by any other method? A poor password is like leaving your car parked outside the shops unlocked with the keys in the ignition. Why make the job of compromising your system easier?
Common security breaches are caused by either hackers accessing your computer system or from someone inside your organisation accessing something they shouldn't. The risk of these can be reduced by having a good password. A good password is one that is complex but also easy to remember. There is no use having a complex password you can't remember stuck to a sticky note on your monitor (yes, I have seen this before!).
Some simple rules for passwords are:
- Do not use your name, date of birth, kids names or pets names, these are not only common words which are easy to hack but they could be guessed by colleagues wishing to access your data;
- Do not use common passwords like password, abc123, qwerty or your company name;
- Use different passwords for your financial accounts, work accounts and home accounts;
- Never use a password you use for social networking for work or financial related logins;
- Have at least eight character passwords. The number of possibilities for six character passwords is 735,091,890,625 and takes less than a day to crack. An eight character password has 6,634,204,312,890,625 combinations and takes years to crack;
- Mix upper and lower case;
- Use special characters and numbers. The easiest way to do this is to replace certain letters with numbers or characters, for example replace "l" with "1" or "!", "t" with "7", "g" with "6";
- Change your passwords regularly (but not so regularly that you forget them);
- Do not write your passwords down anywhere near the computer.
If your business uses a server to authenticate user logins you can usually set password complexity and expiration rules which require users to change their password every so often and to have passwords with certain characteristics.
If you are concerned about your information security, Carter Tech offers a Security Review and Audit service where we look at the security of your systems and report back to you. If problems are found we can help you to tighten your information security.