Passwords are everyday options for all of us – both personal and business. To keep our information secure, we are being asked to create longer and more complex passwords everywhere, but what are the good password practices that you should use?
I wondered if I had previously written something about passwords and I did Password Security – make your passwords secure with these tips back in 2021.
I think it’s now time for an 2023 update…
Characteristics of a Good Password:
The strength of a password is determined by its length, complexity, unpredictability, and variation. Let’s explore each of these options in detail.
Length
The longer, the better! 😏
Passwords with more characters are harder to guess or crack using brute force attacks*.
The standard requirement for most passwords is a minimum length of 8 characters.
However, it’s recommended to use passwords that are 12 characters or longer.
Next time you have to create a password, stop and read the notes – you’ll see 8-12 characters a lot of websites.
Longer passwords offer better protection against cyber-attacks, because they are harder to crack.
One option is to use three (or more) words as your password, or even make a phrase into your password (also known as a passphrase).
I do know of one company that requires a password of 21 characters – although they do use other biometrics (fingerprints, facial recognition etc) for daily logging in. 😏
*A brute force attack is a hacking method that uses trial and error to crack passwords, login credentials, and encryption keys. It is a simple yet reliable tactic for gaining unauthorized access to individual accounts and organizations’ systems and networks. The hacker tries multiple usernames and passwords, often using a computer to test a wide range of combinations, until they find the correct login information. From https://www.fortinet.com/resources/cyberglossary/brute-force-attack
Complexity
A complex password is one that contains a mix of uppercase and lowercase letters, numbers, and special characters/symbols.
For example, a strong password could be “P@$$w0rd”.
The use of special characters, numbers, and mixed cases increases the complexity of the password, making it harder to guess or crack.
Avoid using simple dictionary words or common phrases as they are easy to guess or predict.
Tip
Don’t put the capital at the beginning of the word.
Unpredictability
A good password is unpredictable. Avoid using information that is easy to guess or can be found online.
For example, using your name, date of birth, or pet’s name as a password is not a good idea.
Instead, use random combinations of letters, numbers, and symbols that have no connection to you or your personal information.
Of course it does need to be something that you will remember and be able to type in!
Variation
Using the same password for multiple accounts is not a good practice – actually it’s really bad.
And this includes the same password and just changing the number at the end! 😠
If one of your accounts gets hacked, the attacker can use the same password to access other accounts.
Instead use a unique password for each account.
A password manager can help you keep track of multiple passwords.
Note: Password managers are the next blog post topic 😁
Common Password Mistakes
Here are some common password mistakes to avoid:
Using easily guessable information: Avoid using information that can be easily guessed or found online, such as your name, date of birth, or pet’s name, favourite items (holidays, brands, etc), in fact anything that could be found in your social media.
Repeating the same password: Using the same password for multiple accounts is risky. If one account gets hacked, the attacker can use the same password to access other accounts.
Using personal information: Avoid using personal information, such as your family names, phone number, or address, as a password. This information can be easily found online and can be used to guess your password.
Writing down passwords: Writing down passwords on a piece of paper or saving them in a document on your computer or phone (without a password) is a bad idea. If someone gains access to the paper or computer, they can easily access your accounts.
Tips for Creating Good Password Practices
Creating and managing strong passwords can be challenging. Here are some tips to help:
Use a password manager: A password manager is a software tool that helps you create and manage strong passwords. It stores all your passwords in an encrypted database, and you only need to remember one master password to access them.
Use a passphrase: Instead of using a password, you can use a passphrase. A passphrase is a sequence of words that are easy to remember but hard to guess. For example, “mydogisverycute” is a passphrase that is easy to remember and harder to guess than a single word password.
Regularly update your passwords: It’s essential to regularly update your passwords to keep them secure. Experts recommend changing passwords every three to six months.
Avoid reusing old passwords: When updating passwords, avoid reusing old passwords. Use a unique password for each account.
Enable two-factor authentication: Two-factor or multi-factor authentication adds an extra layer of security to your accounts. It requires you to provide two forms of identification to access your account, such as a password and a verification code sent to your phone.
More and more companies are offering additional authentication. If it’s available, then I recommend setting it up. It might be a pain to have to enter more information, but “better safe than sorry”!
A Password for Each Account
(I know that I’ve already said this, but it is really important!)
As I said in a previous post (Let’s Talk Basic Cyber Security Essentials), once these people have a password of yours, they will search for other sites that you have an account with and try the password that they have, in the hopes that you’ve used it, or something similar before.
Solution – have a different password for each account.
This way if one password is revealed, it won’t affect any other account.
Check Passwords Through Your Web-Browser
If you store passwords in your web-browser (and who doesn’t), then you can also take advantage of a built-in option to check your passwords to see if they have been
Google Chrome
Microsoft Edge
Final Thoughts
Using strong passwords is crucial in protecting your personal and business accounts from cyber-attacks.
A good password should be long, complex, unpredictable, and varied, although you do need to be able to remember and type it.
Avoid using easily guessable information, repeating passwords, using personal information, and writing down passwords.
Instead, use a password manager, use a passphrase, enable two-factor authentication, and regularly update your passwords.
By following these tips, you can ensure that your online accounts are well protected.
Next Steps
Take a look at your passwords – yes all of them!
If some of your passwords don’t follow these suggestions, then don’t delay – update your passwords today following these good password practices.
Remember, a good password is the first line of defense in protecting your online identity.
Other Data Security Posts
Let’s talk basic cyber security essentials
How to stay safe from email scams
What are good password practices? (current post)
Do you really need a password manager?
How many email addresses do you need?
Recent Posts
- Gemini: Google’s New AI Superpower, Explained SimplyRemember when Google was just a search engine? Well, those days are long gone. Now, they’ve got a new AI toy called Google Gemini, and it’s pretty darn impressive. Think of it as a super-smart robot assistant, but one that lives in the cloud. What Can Gemini Do? The Pros and Cons of Gemini Pros:… Read more: Gemini: Google’s New AI Superpower, Explained Simply
- Unlock Your Business Potential: A No-Nonsense Guide to Claude AIAs a business technology trainer with three decades of experience, I’ve seen countless tools promise the moon and deliver a cheese sandwich. But when it comes to artificial intelligence tools, Claude AI stands out as a genuine game-changer for small business productivity. Whether you’re looking to automate daily tasks or enhance your business operations, this… Read more: Unlock Your Business Potential: A No-Nonsense Guide to Claude AI
- ChatGPT: The Ultimate Time-Saving Sidekick for Small Business OwnersHello, fellow small business warriors! Now, unless you’ve been living under a rock (or perhaps buried under a pile of invoices), you’ve probably heard of ChatGPT for business. It’s the AI chatbot people can’t seem to stop talking about. But what can it actually do for you, the small business owner? Let’s break down the… Read more: ChatGPT: The Ultimate Time-Saving Sidekick for Small Business Owners
- AI Assistants Under The Microscope: A Trainer’s Meta-ExperienceI wanted to write a first introductory blog to explain what’s happening or happened this month. There’s been a lot of talk about AI and there are now a range of options on the market. I thought it would be interesting to join my voice to everybody else. Time to share some thoughts and options… Read more: AI Assistants Under The Microscope: A Trainer’s Meta-Experience
- Why virtual desktops are great for screen sharingWhen it comes to screen sharing, there’s a really useful feature built into today’s operating systems. Yes, it’s both Windows and Mac – virtual desktops. Let me explain what I mean and how you can use it when screen sharing. What is a Virtual Desktop? A virtual desktop is like having multiple computer screens or… Read more: Why virtual desktops are great for screen sharing
a good password, good password ideas, good password practices
3 thoughts on “What are good password practices?”
Pingback: How to stay safe from email scams
Pingback: Let's talk basic cyber security essentials
Pingback: Do you really need a password manager?
Comments are closed.