Weak passwords are a common entry point for cybercriminals, leading to data breaches and potentially devastating consequences. Whether you’re a business owner safeguarding sensitive client information or an everyday internet user looking to enhance personal safety, strengthening your passwords is a vital step. Here’s how you can do it effectively:
MAKE PASSWORDS LONG
Length is one of the most critical factors in password strength. A longer password is exponentially harder for cyber attackers to crack. Aim for at least 16 characters—longer truly is stronger. According to a study by the National Institute of Standards and Technology (NIST), increasing password length significantly enhances security by making it more resistant to brute-force attacks. Consider incorporating different types of characters, such as numbers and symbols, to further complicate potential breaching attempts. For example, transitioning from “password123” to “P@ssword2!2!2023!” greatly increases security.
MAKE PASSWORDS RANDOM
A random password is unpredictable, making it difficult for hackers to guess. Here are two ways we suggest creating random passwords:
Use a Random String of Characters:
Create a sequence that includes uppercase and lowercase letters, numbers, and symbols. This method provides the highest level of security. You could use password generator tools to simplify this process. For instance, “G7&dR#4hLp9!” is an excellent example of a complex password.
Create a Memorable Passphrase:
Alternatively, you can use a series of 5-7 unrelated words to form a passphrase. This approach balances security with memorability, making it easier for you to recall while still being secure. For example, “Sunflower!Piano$Dragon#Lemon?” combines randomness with ease of memory.
MAKE PASSWORDS UNIQUE
Reusing passwords across multiple accounts is a significant risk. If one account becomes compromised, all linked accounts are vulnerable. A study by LastPass found that the average person reuses passwords up to five times, which increases exposure to cyber threats. Ensure each account has its own unique password.
USE A PASSWORD MANAGER
Utilizing password management tools can help you keep track of different credentials without sacrificing security for convenience. A password manager creates, stores and fills passwords for us automatically. Then we each only have to remember one strong password – for the password manager itself. Search trusted sources for “password managers” like Consumer Reports, which offers a selection of highly rated password managers. Read reviews to compare options and find a reputable program for you. Ask if your organization has a preferred password manager approved for your use.
CYBERSECURITY AWARENESS MONTH
October is Cybersecurity Awareness Month. While there are all kinds of ways to keep your data protected, updating your password security can make a big difference. When we choose strong passwords, we make it much harder for someone to steal our data, money and identities. Password security is the first cybersecurity best practice we’re highlighting this month. By making them long, random, and unique, you enhance your online security and protect your valuable data. Start implementing these strategies today to secure your digital presence and #secureourworld.
Written by: Chris Zambuto | Chief Information Security Officer @CMITBostonCambridge
