For most of us, a password is an annoyance that stands between us and our ability to do our work. To the outside world, however, a password is the barrier that stands between our data and the thieves that would want to do us harm. Passwords do so much for us: they protect us from outside intrusion and theft; they protect us from co-workers who overstep their bounds. They allow us to keep track of change of data and so much more.
Not all passwords are created equal. Just like all barriers are not created equal. You might think, “Who would want my data? There is nothing special here.” The answer might surprise you...
So what should you do to protect your data?
Use a complex password.
Minimum 8 characters. No dictionary words, with numbers or punctuation or unique characters utilized. Bad= Madison, Good = St1ck7M3#
- These can be hard to memorize
- The shorter the password the more often it should be changed
- Should be changed every 60 days
Minimum 15 characters. Phrases work really well and are easier to remember. People are afraid of this option until they realize the benefits below:
- The longer the password the harder it is to guess or crack (you can go as long as 6 month with this pick)
- They can be phrases that are easy to remember but impossible to crack like: Homefortheholidays# or Iluvchocolates! or even “Too cool for School!”
- When you are ready to change the password, you simply have a new mantra for that 6 months
The longer the password is ‘in the wild’, the greater the risk potential of breach. This is why changing it is so important.
Never... Tell someone your password or give it out by email, phone or fax. If a legitimate colleague needs to use it and you approve, offer to type it in for them and then obstruct their view while doing so. Then supervise and log out when finished.
No... Legitimate source will ever ask for a sensitive password by email
Group Passwords... in a group privilege environment can happen if proper safe guards and your policy clearly defines user rolls and access.
Always... change your password according to your established company policy
Change... If your password is a dictionary word like these common passwords: password, auburn, your name, monkey, football, love, god, query, company name, etc.
Always... Be familiar with and follow your company’s password policy.