Although the tech industry is slowly beginning to move away from requiring a password each time we log into our online accounts, we are likely to be using passwords for a long time to come. This blog post highlights the importance of using strong and unique passwords and gives tips on what not to do when creating them.
The Importance Of Strong & Unique Passwords
Most of the time there are only two things keeping hackers out of our online accounts. The first required credential, the username, tends to be your email address, name or mobile number, so it poses almost no challenge for someone trying to gain access. That means your password is the only true barrier keeping unauthorised people out, and unfortunately these passwords are very often just simple dictionary words, names of popular items or other readily accessible information such as the user’s date of birth.
Most people reuse the same passwords for different accounts so that they are easier to remember. The problem is that if a hacker correctly guesses your credentials for one account, they will then have access to more of your online accounts.
This is precisely what anyone hacking into your accounts wants, and it is what makes their effort all the more worthwhile. Once they have access to multiple accounts it’s easier for them to temporarily steal your identity. They may be intent on seriously harming the reputation of your business, stealing from your clients through invoice fraud, or directly draining your bank account.
Your bank, insurance company or the website owner may or may not reimburse you financially, but what is certain is that your good reputation and the trust of your clients will be more difficult to repair.
Good Password Management
Below is some useful information we have put together to help ensure you and your staff are implementing good habits in password management.
We recommend using passwords that do not contain dictionary words. Be sure to use a mix of random letters, both upper and lower case, plus numbers. For example, gQa$n390&jdDf isn’t going to be guessable, but JohnDeer678 is. Below are some useful tips on what to avoid when thinking up a new password:
Don’t use the same password for multiple accounts
Don’t use dictionary words
Don’t use sequential numbers or letters, e.g. 5678 IJKL
Don’t use information that is known or can be found out easily, e.g. your date of birth or address
Don’t use names, e.g. MassyFerguson123
Don’t use character substitutes, e.g. H3LL0 8allym3na
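The tips above can be turned into an automatic check, for instance when staff choose a new password. The sketch below is an added example, not part of the original post; the word list, the substitution table and the function names are constructed for illustration, and a real check would load a full dictionary and name list.

```python
# Added example: flags the password habits listed above.
# WORDS is a tiny constructed sample; a real check would load a full wordlist.
WORDS = {"hello", "john", "deer", "ferguson", "ballymena", "password"}

# Common look-alike substitutions, undone before the dictionary check.
LEET = str.maketrans({"0": "o", "1": "i", "3": "e", "4": "a", "5": "s",
                      "7": "t", "8": "b", "$": "s", "@": "a"})


def has_sequence(pw, run=4):
    """True if pw holds `run` consecutive ascending characters (5678, IJKL)."""
    s = pw.lower()
    streak = 1
    for a, b in zip(s, s[1:]):
        ascending = a.isalnum() and b.isalnum() and ord(b) - ord(a) == 1
        streak = streak + 1 if ascending else 1
        if streak >= run:
            return True
    return False


def find_problems(pw, used_elsewhere=(), personal=()):
    """Return the list of rules from the post that pw breaks (empty if none)."""
    problems = []
    plain = pw.lower()
    if pw in used_elsewhere:
        problems.append("reused on another account")
    if any(w in plain for w in WORDS):
        problems.append("dictionary word or name")
    elif any(w in plain.translate(LEET) for w in WORDS):
        problems.append("character substitution")
    if has_sequence(pw):
        problems.append("sequential run")
    if any(p and p.lower() in plain for p in personal):
        problems.append("personal information")
    return problems


if __name__ == "__main__":
    for sample in ("gQa$n390&jdDf", "JohnDeer678", "H3LL0", "8allym3na", "IJKL5678"):
        print(f"{sample!r}: {find_problems(sample) or 'no listed problems'}")
```

The `personal` argument takes strings such as a date of birth or street name, and `used_elsewhere` takes passwords already in use on other accounts.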
It’s OK to write your passwords down if you really need to, but if so we advise doing it offline, somewhere safe and secure such as inside a book or magazine, as long as the notes have no apparent reference to what they relate to should anyone ever come across them.
Alternatively you can use a dedicated password manager, but keep in mind that you are trusting the company that operates the password manager not to get hacked, and that they are as vulnerable as anyone else.
The better solution is to simply leave it to our web browsers. Seeing as our browsers can store all of our passwords, there’s not really any need to jot them down or use password managers. For the rare occasions when you need to remember a password but have forgotten it, it’s generally a straightforward process to fill out a password reset request, which should get you back into your account within minutes.