We want to wish you a happy belated National Password Day. We’re very sorry that we missed observing this important event with you. We searched the aisles in our local Walgreens, but couldn’t find any Password Day greeting cards, much less belated ones. We promise to do better next year.
To make up for this oversight, we thought we would pass along some tips and tricks to improve your online security, and that of your business, related to passwords and more. LanScope Cat—our platform for protecting your business’s IT assets, securing your confidential data, and monitoring your workforce for best security practices—brings automation and scale at the network level. But there are just as many important things that can and should be done at the human level, so today we’re going to focus on that.
Keeping It Simple Is Stupid
Just because school is out, and just because you’re on holiday, doesn’t mean that you can take a break from security. Because the bad guys don’t take a break. According to the 2019 Verizon Data Breach Investigations Report (DBIR), 29% of confirmed data breaches resulted from weak credentials. And year after year, the most commonly hacked passwords continue to be 123456 and password. <https://www.securitymagazine.com/articles/89694-the-top-100-worst-passwords> Really? Yes, really.
What Is a Strong Password?
The best password is, somewhat obviously, one that is known only to you. That means that it should be long and complex, contain special characters, combine capital and lowercase letters, and be unique to one application that you use. That’s quite a mouthful, but with a little guidance, you can make it work.
Here are a few quick tips to create strong passwords:
-
- Choose your favorite song lyric or a quote from your favorite movie. Let’s use the example of this quote from Abraham Lincoln: “I will prepare and some day my chance will come.”
-
- Select the first character of each word in the quote: iwpasdmcwc.
-
- Now we have to enhance it to include more than letters. Choose a trick that you will remember. Select a character to replace for a letter, say $ for the letter s. If your daughter’s name is Patricia, then always capitalize the letter P. Applying these tricks results in the password: iwPa$dmcwc. That’s great, and pretty hard for someone to guess.
- Now the hardest part: do not, do not, use the same password across more than one application. You need a version that is unique to each application. A trick here is to use a letter combination from the service’s name, and apply it consistently. Let’s say you choose the first two letters. If it’s your favorite streaming service MoviesRUs, then take the first two letters MO and put them at the end: iwPa$dmcwcMO.
We encourage you to give this a try. It really does work, and you just need to remember four things: your phrase, your capitalization rule, your special character, and how to apply the uniqueness of each application.
Good Security in the Summer Needs More Than SPF50
Finally, beyond strengthening your passwords to make them uncrackable, here are some quick tips to follow to protect your devices, your business and your home before going away on holiday. These are easy things to do, so there’s no excuse.
- Power off your computer before you go.
- If you can, take your computer or laptop home; don’t leave it in the office. But do check that this is allowed by you company’s IT policy.
- Never leave your business laptop or phone unattended. That’s the critical first step in keeping them secure.
- Be attentive to what you post on social media. It’s pretty easy to figure out when someone’s out of town based on what they post to Facebook.
- Work with your IT administrator to back up important data, power off unused servers including cloud services, and review the policies and procedures to escalate in the event of an incident.
We hope you find these tips helpful to ensure you have secure passwords, strong security on your devices, and a great summer vacation. When National Password Day comes around again, we don’t want to be sending you a condolence card!