“Passwords are like underwear,” as the saying goes. “You shouldn’t leave them out where people can see them. You should change them regularly. And you shouldn’t loan them out to strangers.”
How many sites do you log in to with a username and password each day? How about apps on your smartphone or tablet? If you were to count how many accounts you have online – between personal and business logins for email, online banking, loyalty programs and social media sites – is it 10? 50? 100?
When we first starting using passwords, most were insecure and ineffective – not to mention inconvenient. We all had passwords such as “password,” “password1” and “12345678.” We scribbled them down on sticky notes and attached them to our monitors, and then complained vehemently when the change password screen popped up every 45 days.
Oh how times have changed! Today, you should consider your passwords to be sensitive material. Treat them no differently than you treat your credit cards. Make sure they are secure and change them regularly – as often as four times a year, or sooner if you believe it has been compromised. Changing your passwords quarterly is especially important for email, domain login and online banking.
A standard eight-character password with moderate security can be hacked within two to four hours. In comparison, passwords or passphrases of 12 characters with high complexity would take 17,000 years to breach.
Here are some password recommendations:
- Use passphrases instead of passwords or a string of characters and digits. Passphrases can be easier to remember. For example: “Myd0gisSamm@”
- Use upper and lower case letters, numbers and special characters in passphrases.
- Never use complete words within a passphrase.
- Change passphrases routinely.
- Never share passphrases with others.
- Be cautious of shared computers that do not have current virus detection programs installed on them, such as hotel data centers, publicly used computer kiosks.
- Change passphrases after using a shared public access computer.
- Use two-step verifications when available.
A business should be concerned with many areas in their IT environment. Be sure to take ownership of your data and guarantee the security of that data. Contact your trusted financial advisor for more information on how you can protect yourself and your information.
This article was originally published in Illuminations: Facts & Figures from people with a brighter way, a Rea & Associates enewsletter, 5/22/2013.
Note: This content is accurate as of the date published above and is subject to change. Please seek professional advice before acting on any matter contained in this article.