How often do you update your password for email? How about your bank account? Despite the growing number of security breaches and increased awareness around security, many people continue to reuse or rarely change their password according to a survey by LogMeIn.
By neglecting to update or create strong passwords, users are opening themselves and their employers to potential security risks. That’s why World Password Day is an important reminder to audit your password practices. Eight members of the Avecto team share how to make your passwords stronger and why it’s important to practice good security habits.
1. Go Back to the Basics
"World Password Day is a great opportunity to review online security basics. Strong passwords unique to each site are an essential step in securing your online presence. Naturally, you can’t remember hundreds of passwords – use a password management tool on computers, tablets, and smartphones to create, store and enter passwords for you. Don’t stop there - enable additional verification when logging on from a new device too! This combination will have hackers moving on to easier targets." - Brian Hanrahan, Product Manager at Avecto
2. Practice Healthy Security Habits
"Being proactive with your digital protection has become vital to our day to day existence. Regularly changing your passwords is one step in ensuring you have a strong basis of security hygiene in place to prevent a breach of your data at home or work." - Matthew Knutsen, Vice President & General Manager, Americas at Avecto
3. Use an Algorithm for Your Password
Passwords are one of the weakest links to steal an identity or to enter an enterprise environment. You can have all possible security measures however if your passwords or your users’ passwords can be guessed it will weaken your overall security.
Many targeted attacks are based on stolen passwords from data breaches at well-known companies, including Sony and Yahoo, etc. regularly changing passwords reduces the chance of these passwords to be part of a targeted attack chain.
Here are tips to make stronger and more memorable passwords:
• Use a combination of a passphrase and a number. A phrase like “I like to eat ice cream in the summer” can easily be translated into “IlteICinS.” Combine it with a favorite number (for example a pet’s birthday): “IlteICinS13” and add a special character like to it: “IlteICinS13@”. Now users have a secured password with Upper and lower case, numbers and special character. To make it more unique to specific services, add an abbreviation to it. E.g., an Amazon password could look like this: “IlteICinS13Amz@.”
• Another way to create good passwords is using cipher cards, qwerty cards or password cards. They allow users to start with simple words and end with a very strong password by encrypting every single character. E.g., with the card “Avecto” would become “. Bd94iz4iw.” Again, users can add, e.g., “Amz” to use this only for an Amazon account. The cards can go in a wallet or key ring, and users only need to remember a simple word.
• Lastly, it makes sense to use a password manager like KeePass. This tool creates multiple very strong passwords for different uses and stores them in a secure password safe. Make sure you protect the safe and its’ master key with a strong password with one of the described methods. Benefit: you only need to remember one password and the rest will be managed in your password safe.
- Mohamed Ibbich, Senior Technology Consultant at Avecto
4. Celebrate World Password Day
"This day helps to spread awareness of why having strong passwords is vital to protecting yourself against identity theft. Explore what new options are available to keep your information safe like password managers or two-factor authentication." - Dennis Weyel, Senior Technology Consultant at Avecto
5. Build a Strong Digital Defense
"Ensure that your passwords are long and complicated. Aim to have at least twelve characters, mixed with uppercase and lowercase letters, numbers, and symbols. Frequently updating your passwords helps ensure that you have a strong first digital line of defense. By regularly adjusting and making your passwords stronger, you’re able to secure your information, especially in today’s environment of regular hacks." - Ben Audley, VP of Sales UK & Ireland at Avecto
6. Add Additional Security Measures
World Password Day is a good way of reminding people that they need to take security seriously. With the internet being pervasive, there’s a huge amount of personal information that exists in the web and ether that needs to be protected. There are far too many people who are lax with their security.
Additional security measures such as o 2-factor authentication or biometrics are a fantastic way to secure your data. A 2-factor authentication is a particularly useful option for websites. When you log in from a new device, it helps to prove you are who you say you are. Fingerprinting, retina scanning, and passcode applications or apps on mobile devices are also becoming common ways to protect your credentials.
Password manager tools are a good option if you struggle remembering multiple passwords or algorithms. However, you need to check how secure these sites are and if they have been hacked in the past. If it’s free, ask why it’s free and who is providing it. Many password manager tools are fake and were built to harvest your information. It’s important to choose a password manager tool you pay for because it shows they have the funding to secure your information.
- Andrew Avanessian, Chief Operations Officer at Avecto
7. Use Fake Email Addresses
Make your passwords more secure by combining phrases you can remember, adding spaces, changing letters to numbers and to create a combination that hackers can’t guess.
Implement trash email addresses such as firstname.lastname@example.org, email@example.com, firstname.lastname@example.org. Many email providers offer the feature to create multiple accounts. These emails can be linked to your usual inbox, but in case an email address will be compromised you can immediately identify the cause and delete the address by replacing it with a new one.
- Peter Schaudeck, Senior Channel Manager for Central & Eastern Europe at Avecto
8. Treat every day like World Password Day
"Everyone should try to make cyber-world a more secure place. Reset and replace your old, weak passwords with "strong" passwords that are at least 12 characters in length. Use a password management tool like Last Pass, and don't forget to employ Two-Factor Authentication on all your online accounts." - Ananth Appathurai, VP of Strategic Alliances at Avecto