World Password Day 2022

MSP Professionals Share Password Security Tips On World Password Day

May 5th, 2022 marks World Password Day, the perfect time for all of us to take stock of our password security habits. Whether we’re creating new passwords or trying to maintain the ones we already have, it’s important to understand the key factors that contribute to effective password security.

For starters, it’s crucial to always use a strong, unique password for each of your online accounts. This means using a combination of letters and numbers, and avoiding common keyboard patterns like sequences of numbers or letters on the same row of the keyboard. You should also avoid using any personal details that could be easily guessed, like the names of family members or your favorite hobbies. A good way to ensure that your passwords are both unique and secure is by using a password manager like LastPass or 1Password – these tools encrypt your various login credentials and require you to log in with just one master password instead.

Additionally, experts recommend that you regularly update your passwords and avoid reusing old passwords on new accounts. Time-based changing can be a great way to rotate through different passwords seamlessly – simply set up a schedule so that all your passwords will be automatically updated at regular intervals. With these best practices in mind, you’ll be able to safeguard your account information and keep your online presence secure.

How do you keep your passwords secure?

Top MSP professionals share their password security tips and best practices.

“Size matters! The single best thing that any user can do to improve password strength is to increase the number of characters. A 12-character password is exponentially stronger than an 8-character password. As users update or create passwords, they should go beyond minimum character requirements and make them as long as possible.”

Michael Anderson
https://www.365tech.ca

Multifactor authentication on everything.”

John Cannatta
https://www.techspertsllc.com

“If you can remember it, then it is too easy or overused.”

Robert Giannini
https://www.giaspace.com

Use a passphrase instead of a password. This will be easier for you to remember but harder for a computer to break. Ideally, your passphrase should be three to four words and have one word that is not in the top 500 words in the English language. For example, TornadoBubbleHeadset would be way more secure than either Tr0ubl3! or something like GreatBlueCar. Tornado Bubble Headset has unique words that a hacker is unlikely to try. Add a couple of numbers and a special character and you have a very difficult password to decrypt.”

Jon Fausz
https://www.4bis.com

“Use a legitimate password manager tool – not what is built into your favorite web browser. By using a password manager with MFA enforced you are able to break free from 2 really bad habits. 1. Using the same password for multiple sites/services. 2. Using a password that is easy to remember and not complex.”

Eric Schueler
https://www.hrct.net

We have found that adding a space in the middle of your password does create a more secure password. Most password cracking tools do not account for space. So, an example using “Pas sWord” instead of “PassWord” usually results in a much more secure password. To test out how secure your password can be, you can use the online tool https://www.security.org/how-secure-is-my-password/.

David Carreiro
https://www.ceutechnologies.com

“DO NOT use the same password for all your logins.  If there is a password breach with one of your providers, hackers will attempt to use that same password at many other usual providers and be able to access your accounts.”

Sruli Wolff
https://www.wolffadar.com

“The best password is the password you don’t know!  This means using a password manager program that picks random, secure passwords and generates a different password for each site.  These programs are easy to use and work from your desktop & phone so they are always with you.”

Michael Nelson
https://www.tlctech.com

“Pick a password manager and stick to it. It doesn’t matter which one it is but as long as it is utilized it is doing its job. Personally, I recommend RoboForm because it syncs well across my windows and mac devices but there are plenty of options out there.”

Holden Watne
https://www.generationix.com

“Password management has become a major focal point recently and, in many cases, the root cause of security issues.   Unfortunately, we are seeing more and more security breaches due to lax practices.  We have really started to turn up the volume with our customers in an effort to raise awareness and better protect their assets.

Aside from such low-hanging fruit as enabling two-factor authentication, wherever possible, and dark-web monitoring of compromised email accounts, the best practice is the oldest and most obvious: Change your passwords on a very frequent basis and do not recycle passwords between different accounts.  If keeping track of the different passwords is a concern, get a password manager to assist.

There is nothing complicated about ratcheting up password security.  However, a willingness definitely needs to be made on the client-side to adopt better hygiene.”

Jeremy Kushner
BACS Consulting Group, Inc..

Why Complex Passwords Are Essential?

Complex passwords are essential for protecting your online accounts and data. These passwords typically have a combination of letters, numbers, and symbols, making them much harder for hackers to crack. To create a strong password that is both unique and secure, it’s important to avoid using any personal details or common keyboard patterns in your password.

There are a few different reasons why using complex passwords is so important. First, if a hacker does manage to guess or brute force their way into one of your accounts, they will likely try to use the same password on other sites in an attempt to gain access to more of your personal information. By using a unique password for each of your online accounts, you can help prevent unauthorized access to your accounts and data.

Second, hackers often use software tools or bots to try to guess passwords by performing brute force attacks on online accounts. Complex passwords that have a combination of letters, symbols, and numbers are far more difficult for these automated tools to crack, making them an essential part of keeping your data safe.

Finally, even if a hacker does manage to guess or brute force their way into one of your accounts, they will likely only have a limited amount of time to access your data before the account is locked or the password is reset. By using a complex password, you can help ensure that the hacker will not be able to gain access for long, allowing you to take steps to limit any potential damage. In short, complex passwords are essential for protecting your online accounts and data from hackers, and should always be a top priority when it comes to safeguarding your digital information.

Small Business Guide To Complex Passwords

As a small business owner, it’s important to make sure that your data is protected from hackers and cyber criminals. One of the best ways to do this is by using complex passwords for all of your online accounts. By using a combination of letters, symbols, and numbers in your passwords, you can make it much harder for hackers to gain access to your accounts and data.

Anthony Bounaspina with LI Tech Advisors shares some of his recommendations on this World Password Day.

How to use and remember strong and unique passwords for each of your online accounts:

  • Using a unique password on each of the websites you visit is important in case that website gets hacked allowing a hacker to use those credentials on other websites that you may have accounts with and use the same credentials, including financial institutions to gain access.
  • Create and commit to memory a core password – something like Defen$e*2468!
  • You can test the strength of your core password using the following website: https://www.security.org/how-secure-is-my-password/
  • For every website you visit, use your core password and vary the first and last letter based on the website being accessed.
  • Sample primary core password: Defen$e*2468!
  • Website examples:
  • Staples:        SDefen$e*2468!s
  • BestBuy:      BDefen$e*2468!y
  • Amazon:      ADefen$e*2468!n
  • This will help guarantee that you are using a unique password for each and every website.
  • And of course, use two-factor authentication where possible.

What Is Two Factor Authentication?

Two-factor authentication (2FA) is an additional layer of security that can be used to protect your online accounts. When 2FA is enabled, you will be required to enter both your password and a one-time code that is generated by an authenticator app on your smartphone whenever you try to log into your account. This makes it much harder for hackers to gain access to your accounts, even if they manage to guess or brute force their way into your password.

There are a number of different 2FA apps available, but some of the most popular options include Authy, Google Authenticator, and LastPass Authenticator.

In conclusion, using complex passwords is one of the best ways to protect your online accounts and data from hackers. By using a combination of letters, symbols, and numbers in your passwords, you can make it much harder for hackers to gain access to your accounts. In addition, by using a unique password for each of your online accounts, you can help prevent unauthorized access if one of your accounts is compromised. Finally, by enabling two-factor authentication, you can add an extra layer of security to your accounts and further protect your data from cybercriminals.

Happy World Password Day! Be sure to celebrate by making your passwords as strong and secure as possible.