Preferred Blog

Preferred has been serving the Tinley Park area since 1991, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

How’s Your Password Hygiene?

Preferred Blog Security

Vince Arden

Monday, April 12 2021

0 Comments

I’m not sure we need to tell you how important passwords are: they are the front-line defense to most of the accounts you create. What is often overlooked is the strategy of how to use a password to successfully protect accounts and data. Today, we will discuss best practices when creating and managing your passwords and how you are likely approaching your password strategy improperly.

Creating Strong Passwords

It’s true that passwords can be a pain to manage. Anyone who has been locked out of an account because they can’t remember their password knows this all too well. That’s why it is important to create passwords that are both easy to remember and that are secure enough to protect you. Cybercriminals have tools at their disposal that do a pretty good job of being able to crack passwords, so you need to keep that in mind when you are choosing yours.

As you set out to create your passwords, you should keep the following two points of emphasis in mind.

A hacker may try to brute force attack any password that cannot be guessed or cracked, rapidly trying each combination possible.
A password’s security and its resistance to brute force attacks are two different things.

Brute force attacks can really be devastating, but when you create your passwords, you have to keep in mind that any hacker with the will to brute force your computing network and left with the time to complete their hack, will likely find a way into your network. What you are doing when you are selecting a strong, memorable password is trying to make certain that the only way they are cracking your password is through brute force.

Typically we like to encourage that your passwords meet the following metrics:

Are longer, typically over 16 characters
Use a combination of numerals, letters (with upper and lower case characters), and symbols
Don’t use privileged or personal information, or any information that can be tied to you through online searches
No common words or numbers
No consecutive letters or numbers

So How Do You Optimize Your Password’s Effectiveness?

With those practices, you will be pretty far along, but you also have to understand that the hackers’ tools are extremely powerful. That’s why on top of those suggestions, you will also want to add some complexity to your passwords. Studies have shown that about 41 percent of all passwords are composed exclusively of lowercase letters. If we have access to this information, it stands to reason that someone who makes a living breaking into networks and stealing data knows it as well. Therefore, along with adding symbols, varying cases, and numerals, one strategy is to use a passphrase of random words.

The reason for this is that, with a password that looks like this “7i&3RkIn&4L1f3” the chances that you remember it if you use the account sparingly is pretty low. Besides, it is not that secure, as it is effectively a complex sentence. Remember, the hacker has to get your password completely correct to effectively gain access, so instead of trying to come up with intricate ways of typing statements that can be easily guessed, try taking three words that don’t have any natural connection, incorporating numbers and some varying capitalization, and padding either side with symbols.

A process like this makes the password more usable. It very likely won’t be guessed, is long enough to protect your account, is effective against the brute force attack, and will be easier for you to remember.

Speaking of which, since you shouldn’t use the same password for multiple accounts, you will end up with dozens of passwords. Keeping them straight, especially over the long haul (as you will likely have to reset passwords from time to time), is difficult. That’s why we recommend using a password manager. Many people take advantage of the password saving feature inside their browser. This is effective, but we recommend using a third-party manager that features encryption. This tool will be the most secure and reliable; and, you won’t have to worry about remembering every password.

At Preferred, we consider cybersecurity one of the most important parts of a business’ IT strategy. Give us a call a 708-781-7110 to see how we can help you keep your IT assets safe.

Tags:

About the author

Vince Arden

Vince Arden is the founder and President of Preferred Communication Systems. He is a graduate of DeVry University with over 30 years of experience in the IT industry. In addition to providing leadership in sales, marketing, project management, and service delivery at Preferred, Vince provides Virtual CIO-level services for the 4th-largest Realtor Association in the nation and to an Inc. 500 fastest growing company. He has been interviewed by industry publications like Redmond magazine, CRN News, and Continuum for his expertise related to cloud computing and the managed IT services industry. He also lends his voice as a contributing author for the Cloud Business Review.

His core purpose is to, "Help people achieve their greatest potential in work and L.I.F.E." He passionately works toward making this a reality in every aspect of life, including his areas of expertise, such as thought leadership, ideation, communication, team building, and Servant Leadership. Vince models building strong relationships, both with his team at Preferred and with his clients. He strives to build a network of people he can embolden to work smarter, so that they may ultimately be able to live better.

Author's recent posts