World Password Day: Top tips to keep you and your business secure
06 May 2021
To celebrate World Password Day, our data management experts have pulled together a few top tips to keep you and your organization secure. Some of these points may seem obvious, but it’s surprising how many people don’t practice these simple security measures, particularly following the upheaval of the last year. For example, your new password shouldn’t be on that post-it note on your desk….
1. Keep those passwords to yourself
An obvious one, we hope. But it can be all too easy to try and make life simpler by messaging your login details. But you know you shouldn’t, right?! As soon as you tell someone else, it is no longer under your control. Your friend, colleague or teammate could tell every Tom, Dick and Harry and eh voila it is no longer secure. Before you know it the whole world and their dog could access your secure data.
2. Use two-factor authentication if it’s on offer
This may seem a faff when you are in a rush but quickly bolsters your security credentials and lets you know immediately if that account is being hacked. Whether the second step is a text, a call or email, you and the system can be sure you are who you say you are. It is an added security blanket.
3. Don’t reuse passwords
Reduce, reuse, recycle is a common saying these days but it does not apply to passwords! If you use the same password for all your personal and work accounts this rapidly increases the risk of a security breach for both you and your organization. It may seem like a simple solution in the short term and makes it easy to remember, but that means it's also easy for hackers. Once there into one easy to access site they can then gain access to any private or sensitive data on more secure platforms because the passwords are the same. So, if this is you, maybe think about a change.
4. Don’t write your password down
Queue a frenzy of shredding post-it notes. But this isn’t 90’s. Even if you have a hidden list in OneNote or Notepad saved to your desktop, you can’t be sure who else might be able to see it. Yes, remembering ever more complex passwords is hard, so make life simpler and more secure for yourself and download a password manager. That way you have all your passwords in one secure place so it’s even easier to find!
5. Password managers are your best friend
Following on from the previous points, as is the best practice most organizations and tools require you to change your password regularly which can be hard to keep track of unless you're Rain Man. That’s why you need a password manager. This way you can easily update your passwords and keep track of your old passwords, so you don’t reuse the same ones (which detracts from the strength of your password). Your password is then safely encrypted so no one can get it. Microsoft’s Authenticator App can now be used as a password manager or if you use Chrome Google’s Password Manager can be useful. But be wary of saving passwords or other details locally on any sites or apps unless they are completely trustworthy, and your connection is secure.
However, password managers like this can be resource-heavy so a password-protected Office 365 file is just as secure and compliant with ISO27001. But don’t forget that password as there is no way to recover it.
6. How to create a strong password
It doesn’t have to be jargon but with your new best friend your password manager by your side, you can stop using your pets/children’s/mother’s maiden name [insert easily hackable answer here].
Recommended password requirements are at least 16 characters including these three items:
There is, unfortunately, no sure fast way to beat off the hackers but the more people within your organization that apply these best practice tips both inside and outside work, the more secure your critical business data will be. So, share this blog with your colleagues and friends and stay safe.