A Guide to the Best Password Practices in the Workplace

Let’s face it: we’ve all slipped up regarding password security. Whether it’s the ubiquitous “123456” or a password based on easily accessible personal information, many of us have taken shortcuts that leave our accounts vulnerable. Unfortunately, these common mistakes contribute to a troubling trend in online security. 

A 2021 study by NordPass, a leading password manager, reveals that over 2.5 million users have used “123456” as their password. This easily crackable password has been compromised in over 23 million data breaches. This alarming statistic underscores a critical need for better password hygiene in our digital lives. 

This article will equip you with essential tips and strategies for creating and managing passwords to safeguard your online presence. 

The power of passwords to protect professional apps

Passphrases are a more secure alternative to traditional passwords because they combine words or phrases that are easy to remember but difficult to guess. Here’s how to create and use effective passphrases:  

• Your passphrase should be at least 15 characters long, consisting of at least 4 words. You can also try using a technique called “room scanning” to create a passphrase based on items in your home (e.g., “Kitchen table Bedroom window”). 

• Instead of choosing individual words, create a password by selecting a phrase’s first letters, numbers, and punctuation. For example, “My favourite colour is purple” can be used to remember the password “MfciP!”. 

Tip 1: Use a password generator 

A password generator is a software tool that helps you create strong, random and customised passwords. Instead of making up your own password, which can be easy to guess, a generator creates a unique, complex one for you. You can often choose the length of the password and what elements it should include (like letters, numbers, and symbols). While this makes it harder for hackers to guess, it can also make the password harder for you to remember. So, it’s important to balance security with your ability to keep the password safe. 

If you’re seeking a user-friendly, reliable password generator, NordPass, Dashlane, and KeePass are popular options. 

Tip 2: Use a unique password for each account 

Don’t use the same password for your email, bank, and online shopping. If a hacker figures out your password for one account, they might try using it for all your other accounts. This is like using the same key to unlock all your doors. It’s much safer to use a unique key for each door. 

Tip 3: Opt for a password manager

Remembering all your various passwords can be challenging and writing them down in an accessible place is even riskier. Instead, consider using a password manager, which acts like a secure vault for your passwords. These applications safely store all your unique passwords and can generate new ones when necessary. Most password managers also sync across multiple devices, ensuring you always have access to your important passwords. Additionally, they offer website verification features; if you accidentally click on a phishing link and land on a fake site, the password manager won’t automatically fill in your password. Some popular password managers include LastPass, Dashlane, NordPass, Keeper, and RoboForm. 

Tip 4: Check your credentials for data breaches 

Another key practice for password security is to use a tool like Have I Been Pwned to see if your login information has been involved in any recent data breaches worldwide. The website offers a free service where you can enter your email address, click “pwned?” and quickly find out the status of your credentials. You’ll see a green message indicating no issues if your information hasn’t been compromised. If it has been exposed, a red message will show which data breaches your credentials were part of. This helps you determine which passwords you may need to change right away. 

Tip 5: Enable Two-Factor authentication 

Implementing two-factor authentication (2FA) adds an extra layer of security to your accounts by requiring two verification forms to confirm your identity. For instance, you might combine your password with a code sent to your mobile device. This makes it significantly more difficult for hackers to access your accounts, even if they have your password. Consider installing a second lock on your front door for added protection. Popular authenticator apps like Microsoft Authenticator and Google Authenticator can help facilitate this process. 

Tip 6: Update security questions 

If available, using a security question can bolster your online protection. However, choosing a question-and-answer pair that your contacts don’t easily guess is crucial. Providing random answers can confuse hackers and lead them off track. Additionally, periodically changing your security question is a wise practice, especially if you notice unread emails marked as ‘read’ in your account. Other effective security measures to consider include biometric options such as fingerprints, iris scans, or facial recognition, which offer an added layer of security by relying on unique physical traits. 

Distilled 

Strong passwords are the cornerstone of online security. By following the tips outlined in this guide, you can significantly reduce your risk of falling victim to password-related attacks. Remember, the time invested in creating and managing strong passwords is far outweighed by the potential consequences of using weak ones.