A complex password policy is essential for your organization or personal online security. Attention to password security best practices and tips will protect you, and your organization against cyber-attacks and data breaches.
The challenge is to have a complex password, which is easy to remember without compromising login authorizations or adopting poor password practices that may jeopardize the organization’s security solutions, such as having the same password for multiple accounts
Many organizations do not realize there are easily available tools (John the Ripper), to break the password, these tools rely on poor password practices.
Tips for better password practices.
- Use a passphrase made up of several random words, (characters, numbers, and symbols) rather than a single word. E.g., C3rf0rt1&#
- Strong passwords are easy to remember but hard to guess. “I am:)2b20!”. This has ten characters and says “I am happy to be twenty!
- Never write it down. Some people have the habit of writing their password down for easy remembering, password should never be in an open place use a password manager instead.
- Change your password every few months and avoid reusing former passwords.
- Do not share passwords with any person. Your trusted friend now might not be your friend in the future. Keep your passwords safe by keeping them to yourself.
- Use a password manager. A password manager is a secure application that stores multiple passwords, it is to remember passwords without the user having to write them down or memorize them.
- Do not use personal information e.g., Name, address, pet’s name, etc. as passwords. Also, avoid using sequence numbers such as ‘12345’ or ‘abc123’
- Use different passwords for each account.
- Avoid entering passwords when using unsecured Wi-Fi connections (like at the airport or coffee shop)—hackers can intercept your passwords and data over this unsecured connection.
- Always log off if you leave your device and anyone is around. It only takes a moment for someone to steal or change the password.
- Where possible take advantage of 2-FA authentication, it offers an extra layer of security.
- Use comprehensive security software and keep it up to date to avoid keyloggers (keystroke loggers) and other malware.
- Always keep your system and software up to date with the latest patches. New patches block known vulnerabilities.
There are many ways to increase cybersecurity for businesses. The ideas above are a few ways to get started. A well-trained and knowledgeable person is the first line of defense against cyber threats.
Credits:
2021 Security Benchmark Report – Cybersecurity For Any…
https://cloudsecurity.cisco.com/cisco-securex/stop-threats
ICS Cybersecurity Basics