It’s not breaking news that passwords by themselves will not keep your accounts or data secure.
For the better part of their existence, passwords have been hacked and compromised. These Data breeches happen every single day. The Privacy Rights Clearinghouse, a nonprofit organization that tracks data breaches, estimates that there have been more than 9,000 data breaches since 2005. If you haven’t had the opportunity to see if you’ve been compromised, SWICKtech will look to see if your passwords are on the dark web for free.
Biometrics might someday become more secure and replace passwords as our way of accessing sensitive information, but we’re not quite there yet. So, for as insecure as passwords have become, they’re still not going anywhere in the foreseeable future.
Here are 4 ways to make sure your passwords are as secure as possible:
- Use a passphrase rather than a password.
Using a passphrase is simply stringing together a series of words or a sentence rather than a single word password. The US National Institute of Standards and Technology (NIST) recommends creating long passphrases that are easy to remember but difficult to crack. A best practice for using a passphrase is to create a password with 64 characters and use both capital and lowercase letters and a combination of numbers or characters. An example of a secure passphrase is “You are 1 horse I can never forget”
- Use a Password Manager
Using a tool like a password manager means that you only need to remember one password rather than remembering a different password for each account. Password managers automatically generate and keep track of all your passwords in the same tool. They’re designed to provide access in an encrypted format that isn’t accessible to cyber criminals. There are many password managers on the market that are inexpensive and easy to use. SWICKtech implements password management solutions to businesses in Milwaukee and around the Midwest.
- Put Multifactor Authentication on it.
Sometimes we feel like a broken record talking about Multifactor Authentication (MFA) at SWICKtech, but the truth is that MFA is the #1 best way to secure your accounts from hackers. MFA requires a second form of authentication for you to access an account. A text or app on your cell phone might prompt you to confirm your identity or biometrics like a fingerprint or facial scan can also confirm that it’s you. At SWICKtech, we routinely investigate ransomware and other cyber-attacks. Often, MFA would have stopped an attack before it occurred.
- Train your employees.
Security begins and ends with each individual at your organization. Many times, an attack originates with a single employee clicking on a link or having a password compromised, putting an entire organization in peril. There are several training methods and simulated attacks that can help your employees become aware and able to identify malicious links and attacks from outside threats. SWICKtech performs security training and phishing tests so businesses can become aware of vulnerabilities and begin to correct the human error that is inherent to cyber-attacks.
Password security is the first level of what should be a multitiered security approach to protecting your organization and data. If you have any questions about cybersecurity or would like a free IT Security Evaluation, contact SWICKtech today.