Time to Check Your Passwords?
It’s been a quiet couple of weeks – I haven’t heard anything in the news about security breaches. But that doesn’t mean it’s OK to let your guard down! According to the PCI Security Standards Council, 81% of hacking-related breaches used stolen or weak passwords. So what does this mean for you? It means that now is a good time to think about updating passwords and making sure you and your employees are all following best practices for them. This includes changing them regularly, never sharing them, and making them hard to hack and steal.
Here is a simple list of Do’s and Don’ts when it comes to passwords.
- Change your passwords often – at least every 90 days.
- Use strong/complex passwords, with a minimum length of seven characters, using both numeric and alphabetic characters.
- Use a different password for each account.
- Use two-step authentication to sign in to your accounts. Using this method, a code is sent to your phone. Then you enter the code before you can sign in – even with the correct password.
- Use a password manager or vault that encrypts your passwords. This helps you to easily keep track of many passwords, while keeping them safe from intruders.
- Don’t use the same password for multiple accounts.
- Don’t share your password.
- Don’t use group, shared, or generic accounts and passwords.
- Don’t use default passwords from vendors. This may include
- Don’t use a password that is the same as any of the last four passwords you have used.
One more thing – Stop and look before you enter that PIN or password, whether it’s on your phone or at the register, and don’t enter your credit card where someone else can see your screen. If you do, you’re not being paranoid – you’re protecting yourself.
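The length, character-mix, reuse and 90-day rules from the list above can also be enforced in software when a password is changed. The following is an added example, not part of the original post; the function names, the PBKDF2 work factor and the sample passwords are assumptions made for illustration. Note that the history of old passwords is kept as salted hashes, never as plaintext.

```python
import hashlib, hmac, os
from datetime import datetime, timedelta

MIN_LENGTH = 7                  # "minimum length of seven characters"
MAX_AGE = timedelta(days=90)    # "at least every 90 days"
HISTORY_DEPTH = 4               # "any of the last four passwords"
PBKDF2_ROUNDS = 600_000         # assumption: work factor chosen for this example


def hash_password(password, salt=None):
    """Return (salt, digest); the history stores these, never the plaintext."""
    salt = salt or os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)
    return salt, digest


def check_new_password(candidate, history):
    """Return the list of rules the candidate breaks (empty list = acceptable).

    history: list of (salt, digest) tuples for previous passwords, newest last.
    """
    problems = []
    if len(candidate) < MIN_LENGTH:
        problems.append("too short")
    if not any(c.isdigit() for c in candidate):
        problems.append("no numeric character")
    if not any(c.isalpha() for c in candidate):
        problems.append("no alphabetic character")
    for salt, digest in history[-HISTORY_DEPTH:]:
        # Re-hash the candidate with each stored salt; compare in constant time.
        if hmac.compare_digest(hash_password(candidate, salt)[1], digest):
            problems.append("reuses one of the last four passwords")
            break
    return problems


def is_expired(last_changed, now):
    """True once the password is older than the 90-day rotation window."""
    return now - last_changed > MAX_AGE


if __name__ == "__main__":
    # Constructed sample data, not real credentials.
    old = [hash_password(p) for p in ("Spring2023a", "Summer2023b")]
    print(check_new_password("Summer2023b", old))
    print(check_new_password("abc", old))
    print(is_expired(datetime(2024, 1, 1), datetime(2024, 4, 15)))
```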