Cybersecurity: Everything You Need to Know About Passwords

Cyber, Property & Casualty, Risk

Passwords are a mundane, yet very important, aspect of cyber security, like a physical key kept on a keychain. We have keys to prevent unauthorized access to our home, vehicle, and workplace. Passwords are digital keys that protect access to our information. While it is critical that you use a second method of verification such as multi-factor authentication, your password is your first line of defense against a bad actor obtaining access to your network.

Password Recommendations

Long Passwords

We recommend that you use a long password to prevent brute force attacks. A brute force attack is when the attacker uses software to repeatedly attempt logins using permutations of letters and numbers.

A long password makes brute force attacks exponentially more difficult. For example, a four-digit number-only password could be cracked in under a minute, whereas an eight-character password using letters and numbers could take days. Passwords should be a minimum of eight characters, and even longer is better.

Avoid common phrases

Avoid using words found in a dictionary of any language or common phrases as passwords. Attackers will use software with a wordlist in so-called dictionary attacks. These wordlists also include common phrases and passwords such as “password” or “123456”. It is also a good idea to use a password that consists of numbers, letters, and symbols.

Create fresh passwords often

You should avoid reusing passwords for the various systems you have access to. If you stick with a standard password, and an attacker figures out that password, then they have access to all your accounts rather than only one. Passwords should be changed once each quarter.

If it’s easy to remember, it might not be a great password

Avoid using passwords that include information easily accessed. For example, many of us have our children’s name, pet’s name, and birthday available on social media. While this information is easy to remember, it is not suitable for use in a password. Furthermore, it is a bad idea to write down your passwords and leave them next to your computer.

Password Management Software

It can be challenging to remember your passwords, especially if you are using different passwords for your various accounts. A solution for this is password management software. Password management software randomly generates secure passwords and secures them via a master password. If you use password management software, remember to use a master password that is complex, yet easy to remember. Mnemonics are a good tool to remember complex passwords.

While passwords are not the most exciting aspect of cyber security, they are incredibly important, as passwords are the first line of defense against cyber-attacks. Good password hygiene will go a long way in helping avoid the stress and expense of a cyber incident. Reach out to your M3 account executive to discuss how you can encourage your employees to utilize secure passwords to shore up your cybersecurity efforts.

Back to Insight Center