Netregistry - http://www.netregistry.com.au/news
Strong Passwords the Key to Locking the Hackers Out
http://www.netregistry.com.au/news/articles/375/1/Strong-Passwords-the-Key-to-Locking-the-Hackers-Out/Page1.html
By Jonathan Crossfield
Published on 10/Mar/2008

Let’s be honest, passwords are annoying. These days, we need a password or PIN everywhere. We have so many that we can’t keep track of them all and that is why password security is more important than ever.

Recently, website hacking has seen a sharp increase, with homepages being replaced with spam links and sometimes whole websites altered or redirected without the webmaster's knowledge. This practice is only likely to continue, meaning that we now need to treat our FTP and domain information and passwords as we would our bank accounts.

With the increase in social media, the amount of information people place online that can be accessed by strangers is immense. Some of this seemingly innocent information can be used to get a bank to release financial information or to break into a vulnerable online service. Remember, the secret questions we all use in the event of forgetting our passwords usually revolve around information we quite happily place on our internet profiles: a daughter's name, a mother's maiden name, and so on. If a clever person can identify this information (sometimes as easy as popping your name into Google) and can then answer your secret question on an account, they can gain access.

Administrators can enhance a business's security by setting strong password policies. Password requirements should be built into the business's security policies, and all staff members need to read and sign off on this document. All new users should be taught strong password practices. Staff should also be regularly reminded of how easy it is for hackers to get access to their passwords through social engineering and online attacks.

Seven Dos and Twelve Don'ts for Better Passwords

  • DO use a password with mixed-case letters. Use uppercase letters throughout the password.
  • DO use a password that contains alphanumeric characters and include punctuation, where supported by the operating system.
  • DO use a password with mixed-case letters. Do not just capitalize the first letter, but add uppercase letters throughout the password.
  • DO use passwords that contain 8 or more characters in length; 14 characters or longer is ideal.
  • DO use a seemingly random selection of letters.
  • DO change passwords regularly. The more critical the account to network integrity, the more frequently the password should be changed.
  • DO use a password that can be typed quickly, without having to look at the keyboard. This makes it harder for someone to steal your password by looking at your keyboard (also known as "shoulder surfing").
  • DO NOT use a network login ID in any form (reversed, capitalized, or doubled as a password).
  • DO NOT use your first, middle or last name or anyone else’s in any form. Do not use your initials or any nicknames you may have or anyone else’s.
  • DO NOT use a word contained in English or foreign dictionaries, spelling lists, or other word lists and abbreviations.
  • DO NOT use other information easily obtained about you. (This includes pet names, license plate numbers, telephone numbers, identification numbers, the brand of your automobile, the name of the street you live on, and so on. Such passwords are very easily guessed by someone who knows the user.)
  • DO NOT use a password made up of only numbers, or one made up of only letters. Mix numbers and letters.
  • DO NOT use dates e.g., September, SEPT1999 or any combination thereof.
  • DO NOT use keyboard sequences, e.g., qwerty.
  • DO NOT use a sample password, no matter how good, that you’ve gotten from a book that discusses information and computer security.
  • DO NOT use any of the above examples spelled backwards, or in caps, or otherwise disguised.
  • DO NOT write a password on sticky notes, desk blotters, calendars, or store it online where it can be accessed by others.
  • DO NOT use shared accounts. Accountability for group access is extremely difficult.
  • DO NOT reveal a password to anyone.
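The policy paragraph above says password requirements should be written into the business's security policy; the list then spells those requirements out. The following Python checker is an added example, not code from Netregistry or from the article, that encodes the DO/DON'T rules as a function an administrator could run at password-change time. The thresholds (8 minimum, 14 ideal) come from the list; the small word list, the keyboard rows, the date patterns and the sample passwords are constructed for illustration, and a real deployment would load a full dictionary and the organisation's own forbidden-word list.

```python
import re
import string

# Thresholds from the list above: 8 or more characters, 14 or longer is ideal.
MIN_LENGTH = 8
IDEAL_LENGTH = 14

# Constructed stand-in for a real dictionary file (assumption: a deployment
# would load a full word list such as /usr/share/dict/words).
WORD_LIST = {"password", "welcome", "summer", "dragon", "monkey", "letmein",
             "secret", "company"}

# Keyboard rows used to generate forbidden sequences such as "qwerty".
KEYBOARD_ROWS = ("qwertyuiop", "asdfghjkl", "zxcvbnm", "1234567890")

MONTHS_FULL = ("january", "february", "march", "april", "june", "july",
               "august", "september", "october", "november", "december")
# Short month forms are only flagged when followed by a digit (e.g. "SEPT1999")
# so that ordinary words such as "marble" are not rejected by mistake.
MONTH_ABBREV_RE = re.compile(r"(jan|feb|mar|apr|may|jun|jul|aug|sept?|oct|nov|dec)\d")
YEAR_RE = re.compile(r"(19|20)\d\d")
NUMERIC_DATE_RE = re.compile(r"\d{1,2}[/.-]\d{1,2}[/.-]\d{2,4}")


def _keyboard_sequences(min_len=4):
    """Every forward or reversed run of min_len+ adjacent keys within a row."""
    seqs = set()
    for row in KEYBOARD_ROWS:
        for i in range(len(row)):
            for j in range(i + min_len, len(row) + 1):
                run = row[i:j]
                seqs.add(run)
                seqs.add(run[::-1])
    return seqs


KEYBOARD_SEQS = _keyboard_sequences()


def _forbidden_forms(word):
    """Forms the DON'T rules ban: as-is, reversed, doubled (case-folded)."""
    w = word.lower()
    return {w, w[::-1], w * 2, w[::-1] * 2}


def check_password(password, login_id="", personal_info=()):
    """Return a list of policy violations; an empty list means every rule passed.

    login_id is the network login ID; personal_info is an iterable of words
    that are easy to learn about the user (pet names, street, car brand, ...).
    """
    p = password.lower()
    violations = []

    if len(password) < MIN_LENGTH:
        violations.append(f"shorter than {MIN_LENGTH} characters")
    if not (any(c.isupper() for c in password) and any(c.islower() for c in password)):
        violations.append("does not mix upper- and lower-case letters")
    if not (any(c.isdigit() for c in password) and any(c.isalpha() for c in password)):
        violations.append("must contain both letters and digits")
    if not any(c in string.punctuation for c in password):
        violations.append("contains no punctuation")

    # Login ID and personal information, including reversed or doubled forms.
    candidates = [("login ID", login_id)] + [("personal information", w) for w in personal_info]
    for label, word in candidates:
        if word and any(form in p for form in _forbidden_forms(word)):
            violations.append(f"contains {label} ({word!r}) or a disguised form of it")

    # Dictionary words: the whole password or any run of 4+ letters, forwards or reversed.
    for run in [p] + re.findall(r"[a-z]{4,}", p):
        if run in WORD_LIST or run[::-1] in WORD_LIST:
            violations.append(f"contains dictionary word {run!r}")
            break

    if (any(m in p for m in MONTHS_FULL) or MONTH_ABBREV_RE.search(p)
            or YEAR_RE.search(p) or NUMERIC_DATE_RE.search(p)):
        violations.append("contains a date, month or year")

    if any(seq in p for seq in KEYBOARD_SEQS):
        violations.append("contains a keyboard sequence such as 'qwerty'")

    return violations


def classify(password, login_id="", personal_info=()):
    """'reject' if any rule fails, 'ideal' at 14+ characters, else 'acceptable'."""
    if check_password(password, login_id, personal_info):
        return "reject"
    return "ideal" if len(password) >= IDEAL_LENGTH else "acceptable"


if __name__ == "__main__":
    # Constructed sample inputs exercising each rule family.
    samples = [("password", "", ()), ("SEPT1999", "", ()),
               ("Htimsj!2024x", "jsmith", ()), ("Rex&Lucy77", "", ("Rex",)),
               ("Gl0w&Fern7", "", ()), ("Tr!ck3d-W4lrus", "", ())]
    for pw, uid, info in samples:
        print(f"{pw!r}: {classify(pw, uid, info)} {check_password(pw, uid, info)}")
```

The reversed login ID in "Htimsj!2024x" is caught because the checker compares against the disguised forms the list forbids, not just the literal ID; the same idea applies to the personal-information words, so a deployment should feed it whatever is easy to look up about the user.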

By adopting safe password procedures and training your staff on how to protect their personal information, you can hopefully safeguard yourself from a practice that is costing businesses millions of dollars every year.
