Tips for better passwords
The old way small businesses have created passwords is just not cutting the mustard anymore. Typically, small businesses will just create a simple easy to remember, short password so they can quickly log onto their devices. However, with high profile data breaches, phishing schemes, and brute force attacks, there are a plethora of ways that criminals can break into your account and steal your information.
Here are a few simple ways you can protect yourself and your small business.
Tip #1: Use all characters - very important
One of the worst ways to create a password is to use something simple like “baseball” or “password123”. These types of passwords or using common words are the easiest passwords to hack. Criminals will use brute force attack too quickly get into your account with those types of passwords. Brute force attack means they will continually try common words to get into your account until they are successful.
To be more successful with your passwords, use a complex combination of letters numbers and make sure to alternate your capitalization. Let me give you an example. If you use a password such as “sunshine123”, you would be better off using “SunShInE456”. You'll notice the letters and numbers no longer follow a sequence and the capitalization is alternating.
For even better security, we recommend inserting a special character into your password as well. For our example, we could change it to “SunShinE456!”, or even better, “S|_|nShinE456!”. The “U” is represented by |_|.
Tip #2: Use a sentence as a password
Try to stay away from simple words in your password. Think outside the box. How about we try and use a full sentence as a password that uses abbreviations.
Let me give you an example. Let's say everyone's favorite baseball team is the Cardinals. (Or at least they should be). The St Louis Cardinals won the World Series in 1982. So let's make your password phrase “Cardinals won the World Series in 1982”. Your passphrase could be: “cwtwsi1982”. But remember, let's put some special characters in it. Let's change it to “cWtW$i1982”. This one would be much harder to crack.
Tip #3: 2-factor Authentication
We always recommend using 2-factor authentication whenever possible. Most hackers won't even attempt to bother with a 2FA account because it's too much hassle and goes beyond the abilities of automated programs.
The way 2-factor authentication works is when you try to log into your account, it will send you a text message with a code to your cell phone. Then you enter that code into the browser which completely verifies the identity of the person accessing your account. Anyone else trying to access the account won't be able to because they won't have the code that goes to your cell phone.
Tip #4: Make sure you're “Being Different”
Hackers are smart. When small businesses create a password, sometimes they use that same password for other logins. Make sure you're using different passwords for each and every individual login. If a hacker gets one password, and you're using the same password for other accounts, they now have access to multiple accounts instead of just one.
Another tip on being different is to make sure when you answer the security questions when you set up an account, don't be truthful. Make things up. For example, if they ask you if you were born in Arizona, answer the security question with something like “Missouri”. Another example would be if they ask you what high school did you attend? You could say “toilet paper”. Just remember, these security answers could backfire if you don't remember the answers.
Tip #5: Make sure you're organized!
Small businesses should always use a password keeper. Make sure your password keeper has a high level of encryption. Storing your password in a browser like Chrome leaves you vulnerable to hacking and compromise. We don't recommend saving passwords in your browser.
Make sure you're using a password keeper such as KeePass to store your passwords. Another online secure form of storing passwords is by the use of LastPass. Both of these methods are secure and recommended. Just make sure you're not saving your passwords on a piece of paper or in a text document on your desktop.