Password Best Practices
In the last quarter, some big names in the business world had their systems compromised and passwords were leaked. LinkedIn, Yahoo, and Dropbox are just a few notable companies that were affected by major security breaches. Each breach was unique, but they all resulted in some of their users’ login credentials becoming public information.
It was mainly consumers who were inconvenienced by having their login information revealed to the masses, but businesses could also be affected.
If the people whose information was hacked use the same login credentials for company sites like Salesforce.com or Quickbooks Online — or worse, your network — then your business could be at risk. If that were the case, hackers would have open access to your email, financial records, client information and other information.
So, what should business owners do to ensure their network is protected against security breaches?
Make Sure You Have the Necessary High-Tech Security Measures in Place
These include a properly managed firewall, Web filter, and spam filter, as well as an automated Microsoft patch management and antivirus solution. Also, be sure to educate your users on proper password policy.
Implement A Password Policy
Here are a few best practices to consider for your password policy.
Change your password every 90 days. - Your IT administrator or outsourced IT provider can set up your system to require this password change.
Don’t use the same password for everything. - Once it’s compromised, you’ll have to change it in several places. For example, if your Dropbox username and password were stolen and you use the same login combination for other sites, the hackers will have access to the information you have stored in those other places as well.
Keep it private. - Don’t write it down on a sticky note, save it in a spreadsheet, or tell a friend. Once someone else knows it, it’s no longer unique to you.
Change the default password set by the manufacturer on new devices. - When you buy a new router, firewall, or mobile device it comes with a password set up by the manufacturer. Lists of manufacturers’ default passwords can be easily found online, so you need to change it upon installation.
Use a strong password. - There are inconsistent rules these days for what makes a strong password, but most recommend that passwords should be at least 8 characters. They should be made up of upper-and lower-case letters, numbers, and symbols. It’s also harder to crack if the password is not a word used in your language.
Don’t let your company’s high-tech security efforts be undone by something as simple as a user with a weak password!
As seen in the The Press-Enterprise
About Courtney Casey
In an industry dominated by men, Courtney Casey, Director of Marketing for Accent Computer Solutions, Inc., is making her mark on the world of information technology. Courtney has been immersed in the IT field most of her life and has been molded into the tech savvy expert she is today. She began working for Accent while earning her Bachelor's degree from California State University, Long Beach. Known in the Inland Empire as the "Tech Girl," Courtney is a regular columnist for the region's newspaper of record, The Press-Enterprise. Her columns address topical news trends, new technology products, and offer advice on how to embrace technology or avoid common IT pitfalls.