October is Cybersecurity Awareness Month (CSAM) and is dedicated to raise awareness about the importance of cybersecurity. With the theme, ‘Secure Our World’, are reminders of how you can protect yourself and organization from online threats.
Passwords are not going away. They are the first line of defense to protecting your digital assets. Add in multi-factor authentication (MFA) for an additional layer of protection.
Three simple rules for creating your passwords:
- Long – Shorter passwords are easier for criminals to guess and hack. A longer password (MOREnet Security and DESE recommend a minimum of 15 characters) will make a password stronger. Replace a password with a passphrase. A phrase is easier to remember.
- Complex – Most online sites require complexity in creating a password. This means a combination of upper/lower case, numbers and special characters. Some websites will allow for spaces. Even if a website does not require complexity, it is a good practice to use this consistently.
- Unique – Each account needs a unique password. If your password should become compromised, and you used the same password on multiple sites, you could be more vulnerable to more compromises. If one account is compromised that has a unique password association, your other accounts will remain secured. And never reuse old passwords or alter them minimally by adding a number to the end.
The National Institute of Standards and Technology (NIST) recommends that if these guidelines are followed, it is unnecessary for frequent password changes. However, attention should be paid to users with access to highly sensitive assets. It may be necessary to apply a stricter set of rules regarding password resets.
We have so many online accounts and each will need a unique password. The best way to keep track of them is with a password manager. There are many free versions of password managers that may be suitable for most users.
A password manager keeps a vault of all your passwords and you only need to remember the master key to unlock the vault. All the passwords in the vault are encrypted so even if a cyber crook got ahold of the database, they would not be able to access the passwords without the master password.
Password managers are easy to download and install. They work across multiple platforms. They can create complex passwords for you.
Take this opportunity to use CSAM recommendations to Secure YOUR World.
Resources:
Passwords