Password Policy

Every organisation needs a good password policy, and users who are informed of it, to keep business information confidential. Remember that one of the best defences against hacking you can have is users who know how to spot phishing attacks and use secure passwords. Below is a list of useful tips you can use when creating a password.

  1. Don’t use your name or username in the password. An attacker will most likely already know these if they are in a position to hack your account, so including them can narrow down the list of passwords they need to test by a lot.
  1. Avoid common passwords. These are often among the first that attackers check; passwords like “password,” “password1,” “123456” and “1234567890” can all be cracked in under a second.
  1. Passwords can be made with uppercase, lowercase, symbols and numbers; however, another type of secure password is a long passphrase of several random words. While cracking programs can run through every word in the entire dictionary, the number of possible passphrases is the size of the dictionary raised to the power of the number of words, so a few random words can be uncrackable.
  1. Create unique passwords for each account. That way, if an attacker gains access to one of your accounts, they are still locked out of all the others. A password manager can help keep track of passwords for different accounts so this doesn’t become an arduous task.
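
A minimal check for tips 1 to 3 above, as an added example that is not part of the original policy: it flags passwords that contain the user's name or username or that match a common password, and computes how the passphrase search space grows with each added word. The function names, the sample common-password list, the sample user and the 7,776-word dictionary size are assumptions chosen for illustration.

```python
import math
import re

# Constructed sample list; a real deployment would load a large breached-password list.
COMMON_PASSWORDS = {"password", "password1", "123456", "1234567890"}


def passphrase_search_space(num_words, dictionary_size):
    """Number of possible passphrases: dictionary_size ** num_words."""
    return dictionary_size ** num_words


def passphrase_bits(num_words, dictionary_size):
    """The same search space expressed in bits of entropy."""
    return num_words * math.log2(dictionary_size)


def check_password(password, username, full_name):
    """Return a list of violations of tips 1 and 2; empty means none found."""
    problems = []
    lowered = password.lower()

    # Tip 2: compare case-insensitively, and also with trailing digits and
    # symbols stripped, so "Password1!" is caught as well as "password".
    stem = re.sub(r"[\d\W_]+$", "", lowered)
    if lowered in COMMON_PASSWORDS or stem in COMMON_PASSWORDS:
        problems.append("common password")

    # Tip 1: reject the username or any part of the user's name.
    # Tokens under 3 characters are skipped to avoid flagging initials.
    for token in [username, *full_name.split()]:
        if len(token) >= 3 and token.lower() in lowered:
            problems.append("contains name or username")
            break
    return problems


if __name__ == "__main__":
    # Constructed inputs for illustration.
    print(check_password("Password1!", "jsmith", "Jane Smith"))
    print(check_password("Smith-2024-secure", "jsmith", "Jane Smith"))
    print(check_password("correct horse battery staple", "jsmith", "Jane Smith"))
    # Four random words from an assumed 7,776-word list.
    print(passphrase_search_space(4, 7776), round(passphrase_bits(4, 7776), 1))
```

The passphrase figures only hold when the words are chosen at random; a phrase a person picks themselves has a much smaller search space.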

And most importantly:

  1. Use Two-Factor Authentication. 2FA is the best and most secure way to prevent attackers gaining access to your information. It ensures that even if all your passwords are known, the account cannot be logged into, as the attacker will not have physical access to your phone.

Remember that in addition to all these, the best way to keep people out of your account is to know when a call or email is suspicious and not give them any information they could use, especially your password. You are often the first line of defence against anyone trying to gain access.