Following the best cyber safety practices in your organization can go a long way in improving your cybersecurity posture. People often undervalue the usefulness of just mastering the basics. Of the basic cybersecurity practices, your password strength is possibly the easiest one to get right. By adhering to the recommended norms for password strength, you can considerably reduce chances of account infiltration.
So, what are the latest guidelines for the best password strength? And what are the dos and don’ts of setting your password? The following few minutes of reading through may teach you something new.
Password Strength VS ‘Crackability’
Security.org recently conducted a survey and pulled up statistics on how long it would take a script running on a computer to crack your password. It considered the number of characters, and the combination of certain rules as against the number of years it would take for an automated script to crack the password.
So, how does your password strength fare against the above findings?
6 practices to follow (and stay away from) for the best password strength
Well, the above table is indication enough what sort of alphanumeric characters you need to use to make your password stronger, so we won’t delve into it again. However, there are a few other considerations for ensuring your passwords are as secure as possible.
- Don’t use easy to guess personal information as your passwords. This includes birthdays, names of your pets, favourite movies etc.
- Although it is tempting, don’t use something that you feel only has meaning to you. With social engineering and patience, a dedicated hacker can find this info about you.
- Don’t keep the same password for more than 1 account.
- Cultivate the habit of refreshing your password every two months.
- Don’t store your passwords on pieces of papers because ‘hackers can’t get to it’. Maybe not, but what about your co-workers? Also, infiltrators physically scouting their place of attack is not so uncommon, despite what you may believe.
- If you store your passwords on a single notepad file / Excel, don’t use obvious filenames like “Passwords” or “Credentials”. Also, for additional security, encrypt these files with a password.
We’ll throw in a bonus one: USE 2FA. This is an obvious practice that goes beyond just password strength, but you’d be shocked how many people still don’t use it. If you want a refresher course in the importance of multi-factor authentication, read about this Microsoft infiltration case.