CMI Blog

12 Best Password Practices for World Password Day 2022


As the business world modernises, operating a successful business without using technology is practically impossible. While innovative technical solutions are facilitating many advantages in increasingly competitive markets, there are also some significant difficulties and vulnerabilities that can arise. As a result, cyber security has become increasingly important in recent years.

If you’re looking to ramp up your cyber security, password protection is the ideal starting point. Password protection is the act of setting a password to secure an entity’s data. Only those users with the correct passwords can access sensitive information or accounts once data has been password protected. However, as passwords have become so frequently used in both our business and personal lives, many people tend to underestimate their significance or make careless mistakes, which could result in security breaches.

 

Therefore, it is essential that businesses devise effective strategies to educate their employees about the best practices of password use. 

 

6 Password “Don'ts”

If you want to protect the confidentiality of your passwords, there are six actions you should never take.

1. Don’t write down your passwords physically

Writing down your passwords may seem to ensure that you will not forget them while making it harder for cyber criminals to steal them online, but it opens an opportunity for someone to steal your passwords locally.

2. Don’t save passwords to your browser

Web browsers are not a safe place to save any sensitive information, including passwords and credit card numbers. They can easily be compromised by a wide range of malware, software and browser extensions, meaning that confidential data can be extracted from them.

 


3. Don’t iterate your password

Iterating your password involves changing it very slightly for different accounts – for example, NewCMI1 to NewCMI2. While many users think this will increase their password security, it is actually unlikely to protect against more sophisticated cyber threats. As the cyber security landscape has evolved, hackers have become more advanced and can now track iterated passwords quickly and easily.

4. Don’t use the same password across multiple accounts

If you do, in the unfortunate eventuality that one of your accounts is compromised, you are giving cyber criminals a golden ticket to gain access to all your other accounts.

5. Don’t capitalise the first letter of your password

When faced with the ‘one capitalised letter’ requirement, many of us tend to automatically capitalise the first letter of our passwords. While this might seem convenient, hackers are aware of this trend and so it makes it far easier for them to guess where the capitalised letter is positioned in your password.

6. Don’t use “!” to conform with the symbol requirement

When setting a new password, often users are required to include a special character or symbol. Unfortunately, the exclamation mark is the most commonly used symbol, making it the least secure. If you must include it in your password, ensure that you do not place it at the end as this is most obvious. Positioning it anywhere else in the sequence will make your password far more secure.

 

 

6 Password “Do's”

If you want to increase your password protection, these six actions are definite ‘do’s’!

1. Increase the complexity of your passwords

Ideally, your passwords should be long and phrase-based, and you should exchange letters for numbers and symbols. For example, if you wanted the password ‘New CMI Limited’, you should write it as ‘n3wcM!lim?t3d’. This makes it far harder for cyber criminals to crack your password.

2. Change important passwords every three months

If you use a password for a long period of time, hackers are given more time to crack it. For passwords protecting confidential information, the consequences of data compromise would be severe. Therefore, you should ensure that you change your critical passwords every three months.

3. Change non-critical passwords every six months

In order to do this, you must establish which passwords are critical and which are not. However, whether or not a password is deemed critical, changing them regularly is good practice to ensure they are not compromised over time.

4. Implement multifactor authentication

Introducing multiple layers of authentication, including passwords, keys and biometric data, is an excellent way to block cyber criminals from accessing sensitive data.

5. Increase the length of your passwords

You should always use passwords that are longer than eight characters and include letters, numbers and special characters (symbols). This makes your passwords more complicated, and therefore harder for hackers to crack.

6. Use a password manager

A password manager is software that securely stores, manages and generates passwords. This relieves the burden of remembering lots of complicated passwords and frees up time to focus on more important and productive tasks.
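
The checkable rules from both lists above (iteration, reuse, a lone leading capital, a trailing “!”, and the length and character-mix rule), as an added example that is not part of the original article: a Python sketch of a local audit that a user or password manager could run over their own entries. The function name, the finding labels and every sample password other than the article's own are assumptions.

```python
import re


def _stem(password: str) -> str:
    """Lower-case and drop trailing digits/symbols, so 'NewCMI1' and 'NewCMI2' share a stem."""
    return re.sub(r"[\W\d_]+$", "", password.lower())


def check_password(candidate: str, existing: list[str]) -> list[str]:
    """Return labels (hypothetical names) for each rule from the article that `candidate` breaks."""
    findings = []
    # Do 5: longer than eight characters, with letters, numbers and symbols.
    if len(candidate) <= 8:
        findings.append("too-short")
    if not re.search(r"[A-Za-z]", candidate):
        findings.append("no-letter")
    if not re.search(r"\d", candidate):
        findings.append("no-digit")
    if not re.search(r"[^A-Za-z0-9]", candidate):
        findings.append("no-symbol")
    # Don't 5: the only capital letter is the first character.
    capitals = [i for i, ch in enumerate(candidate) if ch.isupper()]
    if capitals == [0]:
        findings.append("capital-first-only")
    # Don't 6: "!" placed at the end.
    if candidate.endswith("!"):
        findings.append("trailing-exclamation")
    # Don'ts 4 and 3: exact reuse, or a slight variation of a password already in use.
    for old in existing:
        if candidate == old:
            findings.append("reused")
        elif _stem(candidate) and _stem(candidate) == _stem(old):
            findings.append("iterated")
    return findings


if __name__ == "__main__":
    # "NewCMI1"/"NewCMI2" and "n3wcM!lim?t3d" are the article's examples; the rest is constructed.
    in_use = ["NewCMI1"]
    for pw in ("NewCMI2", "Password1!", "n3wcM!lim?t3d"):
        print(pw, "->", check_password(pw, in_use) or "no findings")
```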

 

Do you need a password manager? We can help.

Adhering to these password best practices requires a significant investment of time, effort and resources on your part. Therefore, it is best to work with cyber security experts like CMI, who can help to ease the burden, enhance your security posture and provide complete peace of mind. Get in touch with our security experts today for a no-obligation consultation.

 


 


Written by Graham Stead

Graham joined CMI following the acquisition of his previous business in 2016, having successfully run that business for 20 years. Graham's absolute focus is on making sure that we consistently hold our clients central to everything that we do, and he is often heard repeating our mantra "we exist to make a significant positive impact on our clients' business". Graham and his team work closely with our clients to educate, inform, and ultimately to provide technology that delivers that positive impact. Outside of the office, he is a huge supporter of Bone Cancer Research Trust and has raised over £130,000 for them in recent years.
