According to a 2020 study conducted by Stanford University, almost 90% of cyber security breaches are caused by human error. Though there are a variety of factors that contribute to this statistic, one of the main offenses is poor password hygiene. “Password hygiene” is the practice of ensuring your passwords are unique, secure, and difficult to crack. You can do your part toward improving your password hygiene by following these three easy tips:
- Create a strong (and memorable) password
We’ve all been told to avoid common passwords such as “123456789” or “asdfghjkl,” but what really goes into creating a strong password? Statistically speaking, the most difficult passwords to crack are at least 16 characters and are comprised of a completely random assortment of letters, numbers, and symbols. However, if you are prone to forgetting your passwords, you’ll find that what you gain in security with this option you begin to lack in convenience. A quality alternative to this is using what cybersecurity professionals refer to as a passphrase. A passphrase is a sentence-like string of words that is easier to remember than a traditional password and is used to authenticate a user’s identity. An example of a passphrase would be “Cartoon-mouse-tugboat-S1nging.” This particular passphrase contains a quality mixture of letters, numbers, and punctuation, while still remaining memorable.
- Store your passwords securely
Whether you are working from home or in an office environment, you are susceptible to having your password stolen. The best way to organize your passwords and to keep them safe is to use a password manager. Gone are the days of writing your password down on a sticky note and keeping it on your desk! Password managers are digital vaults that can securely store your login information for a variety of sites. While there are a slew of password managers offered for all different kinds of devices, some of the more highly reviewed software downloads are “Last Pass,” “KeePass,” and “Bitwarden.”
- Be cautious of where you enter your passwords
Hackers can use social engineering to collect employee credentials and gain access to an organization’s network. The most common way this attack is implemented is through phishing emails. Phishing emails are sent by hackers impersonating a legitimate person or organization in an attempt to gain personal information from the recipient (such as user logins and passwords). If you are suspicious of the legitimacy of an email that is requesting you enter a username or password, it is important to NOT click any links or attachments that are included in the message. To make any edits to your credentials for a website, open another tab and type in the websites URL directly into your browser.
With cybercrime on the rise, it is important that we do our part to protect both our own data, as well as our organization’s. By following the aforementioned tips, you can help ensure you are an asset to your organization’s security infrastructure, rather than just a part of another statistic. Ensuring you are maintaining proper password hygiene is one of the easiest and most effective ways to keep your information safe.