Password Best Practices

The weakest link in your cybersecurity set-up may also be the most overlooked aspect: your passwords.

Think about it. When you open an account, how much time do you spend considering your password? A few seconds? Or, even worse, do you just reuse the same password for every account?

Password Guidelines for Better Security

Research on password best practices continues to evolve in order to stay ahead of cybercriminals. While some of the following advice may sound familiar, other recommendations are based on new information.

Don’t get personal: Your job is to make life difficult for a hacker. Putting personally identifiable information (PII) in your passwords, such as your name, birthdate, home town, house number or pet’s name, gives cybercriminals a head start at cracking them, because they can uncover those details through public records or social media accounts.

Emphasize length: Generally, longer passwords are less likely to be cracked. Focus on generating passwords that are at least eight characters long; adding even a few more characters makes your password exponentially harder to guess.

Enable the “show password” option: How many times have you been frustrated by being unable to see what you’re entering in the passcode field of your log-in screen because it’s disguised? Some companies now allow you to clearly view what you’re typing.

While it seems counterintuitive, making your password visible can be a good idea (when you’re in a secure environment). It enables you to catch your typing mistakes and avoid unnecessary password resets caused by mistakenly thinking you’ve forgotten your password. Resetting passwords too often increases the potential for data exposure.

Be careful where/how you enter passwords: Entering your passwords on public or shared computers or when using public Wi-Fi intensifies the risk of having your passwords compromised.

If you’re forced to use a public computer, log off after your session and check to make sure the computer didn’t automatically save your password. And if you enjoy browsing your accounts while outside your home, don’t trust public Wi-Fi: access them through a hotspot created with your phone or through a virtual private network (VPN), which provides a secure, encrypted connection.

Use multi-factor authentication: Applying multi-factor authentication (MFA) can strengthen your password security by protecting access to your accounts. MFA requires you to provide two or more credentials when logging into your account. Doing so makes it more challenging for hackers because they’ll need to supply more than your password to access your account.
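A defender-side illustration of the “Don’t get personal” and “Emphasize length” guidelines above, added here and not part of the original article: a Python check that rejects a candidate password that is shorter than eight characters or that contains the personal details the article lists. The profile field names, the look-alike character mapping and the sample profile are assumptions made for this example.

```python
import re
from datetime import date

MIN_LENGTH = 8  # minimum length recommended on this page
# Collapse common look-alike characters so "B1scu1t" and "biscuit" compare equal
# (assumed mapping for this example).
LOOKALIKES = str.maketrans("013457@$!l", "oieastasii")

def canon(text):
    return text.lower().translate(LOOKALIKES)

def personal_tokens(profile):
    """Map each guessable string to the (hypothetical) profile field it came from."""
    tokens = {}
    for field in ("first_name", "last_name", "home_town", "pet_name"):
        for word in re.findall(r"[a-z]+", profile.get(field, "").lower()):
            if len(word) >= 3:  # very short words match too much by accident
                tokens[canon(word)] = field
    born = profile.get("birthdate")
    if born:
        month_day = {f"{born.month:02d}{born.day:02d}", f"{born.day:02d}{born.month:02d}",
                     f"{born.month}{born.day}", f"{born.day}{born.month}"}
        for number in month_day | {str(born.year)}:
            tokens[number] = "birthdate"
    house = str(profile.get("house_number", ""))
    if len(house) >= 3:
        tokens[house] = "house_number"
    return tokens

def check_password(password, profile):
    """Return a list of problems; an empty list means both checks passed."""
    problems = []
    if len(password) < MIN_LENGTH:
        problems.append(f"shorter than {MIN_LENGTH} characters")
    words_view = canon(password)
    digits_view = re.sub(r"[\s\-/._]", "", password)  # "04/12" -> "0412"
    for token, field in personal_tokens(profile).items():
        view = digits_view if token.isdigit() else words_view
        message = f"contains your {field}"
        if token in view and message not in problems:
            problems.append(message)
    return problems

# Constructed sample profile, not real data.
SAMPLE = {"first_name": "Dana", "last_name": "Whitfield", "home_town": "Cedar Falls",
          "pet_name": "Biscuit", "birthdate": date(1990, 4, 12), "house_number": "1427"}

if __name__ == "__main__":
    for candidate in ("B1scu1t!", "dana04/12", "Cedar7", "correct-horse-battery-staple"):
        print(candidate, "->", check_password(candidate, SAMPLE) or "ok")
```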

