According to a Google/Harris survey, 52% of people reuse the same password across multiple accounts - meaning more than half of us are putting ourselves at risk of having some (if not all) of our highly important accounts compromised!
As a business owner, your security should be of utmost importance. So how do you keep your data safe?
Should you update your passwords regularly?
You may think changing passwords at regular intervals is more secure. However, recent studies have shown that this approach to password security can, in fact, make security worse.
If you have multiple passwords to remember, and do a reset, you are likely to choose a new password that is only a minor variation of the old one. You may just change a single character or add a symbol that looks like a letter (such as ! instead of I).
If an attacker already knows your current password, it won’t be too hard for them to crack the updated version.
Microsoft stated: “If a password is never stolen, there’s no need to expire it. And if you have evidence that a password has been stolen, you will presumably act immediately rather than wait for expiration to fix the problem.”
What makes a secure password?
Here’s what the National Institute of Standards and Technology (NIST) recommends:
- Passwords should be a minimum length of 8 characters and maximum length of at least 64 characters if chosen by the user. However, it is recommended that you use 20+ characters to prevent brute-force attacks from cracking your password quickly.
- Use ASCII characters (including space) and Unicode characters, such as: !"£$%^&*()_+:@<>
- Do not use names of pets, people or common dictionary words. Use a complex phrase or a random strong password generated by your password manager.
- Check prospective passwords against a list that contains values known to be commonly used, expected, or compromised. A good password manager will do this.
- Use multi-factor authentication (MFA), also known as two-factor authentication (2FA).
- Train staff on password best practice
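One way to apply the length and blocklist points in this list, together with the earlier warning about a new password that is only a minor variation of the old one, is sketched below. This is an added example, not part of the original article; the blocklist, the look-alike table and the distance threshold are constructed assumptions.

```python
import unicodedata

MIN_LEN = 8  # minimum length from the list above
# Constructed sample blocklist; a real deployment would load a large list
# of commonly used and known-compromised passwords.
BLOCKLIST = {"password", "password1", "qwertyuiop", "letmein123", "iloveyou"}
# Look-alike symbols (such as "!" for "I") undone before comparing. Assumed table.
LOOKALIKES = str.maketrans({"!": "i", "1": "i", "0": "o", "@": "a", "$": "s", "3": "e"})
MAX_VARIATION = 2  # assumed threshold: edits that still count as "minor"

def canonical(pw):
    """Normalise Unicode, ignore case and undo look-alike substitutions."""
    return unicodedata.normalize("NFKC", pw).casefold().translate(LOOKALIKES)

BLOCKLIST_CANON = {canonical(p) for p in BLOCKLIST}

def edit_distance(a, b):
    """Levenshtein distance, computed one row at a time."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def check_password(new, old=None):
    """Return a list of problems; an empty list means the password passes.

    Spaces and Unicode are accepted, and no upper length limit is enforced.
    """
    problems = []
    if len(unicodedata.normalize("NFKC", new)) < MIN_LEN:
        problems.append("too short")
    if canonical(new) in BLOCKLIST_CANON:
        problems.append("on blocklist")
    if old is not None and edit_distance(canonical(new), canonical(old)) <= MAX_VARIATION:
        problems.append("minor variation of old password")
    return problems

if __name__ == "__main__":
    # Constructed sample passwords, for illustration only.
    for new, old in [("P@ssw0rd", None), ("Sunshine2019!", "Sunshine2019I"),
                     ("violet tram über 7 lanterns", "Sunshine2019!")]:
        print(repr(new), "->", check_password(new, old) or "ok")
```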
Where do you store your passwords?
It’s impossible to remember all your passwords off by heart, but there are lots of different ways to keep your passwords safe without playing a memory game every time you try to log in!
- Password management tools such as LastPass, 1Password, and Dashlane are popular choices
- Use your browser’s Password Saving capabilities
- Use a password-protected Excel document
All of these require a master password, so make sure it complies with NIST’s guidelines to keep all your passwords safe and secure!
We hope that helps keep you more secure, but for more great hints and help with your security, log into your BiZHUB account and watch the recent talks by Ben Fielding and Paul Newton.