Password Advice

Password advice - spend the time to ensure your password is secure.

Don't Reuse Passwords - Even if your organization has not been breached, password reuse puts it at risk.  The cyber criminals know that if a password was ever used before, it's likely to be found again.  With a solid cracking dictionary, the cyber criminal never needs to resort to brute force guessing, and hashed passwords become only an inconvenience.  Cracking dictionaries and rainbow tables are commonly shared among cyber criminals.

Don't use commonly used passwords - Require every new password to be checked against a "blacklist" that can include repetitive or sequential strings, variations on the site name and the passwords hackers are most likely to guess.

Don't use compromised passwords - Make sure that your online accounts checks your user account against compromised credentials to ensure that you are not using or creating a password that is already known by cyber criminals.  Screening passwords against lists of commonly used or compromised passwords is of the best ways to ratchet up the strength of your passwords.  No site should be allowing the use of known, compromised credentials.
  • It closes a glaring gap which otherwise leaves your password layer completely open to credentials exposed in third-party breaches.
  • It ensures that your passwords are unique enough to not be reversible using cyber criminal cracking dictionaries.
  • Increase password length & simplicity - Keep passwords simple, long and memorable since longer passwords that are harder for hackers to break.  We are really bad at random passwords, so the longer the better. Length matters a lot more, which is why new guidelines call for a strict 8-character minimum and even suggested moving character maximums to at least 64. 
  • Phrases, lowercase letters and typical English words work well. Experts no longer suggest special characters and a mix of lower and uppercase letters. If you can picture it in your head, and no one else could, that's a good password.
  • Longer passwords that are harder for hackers to break. 

TFA - Two-Factor Authentication - Two-factor authentication adds a second level of authentication to an account log-in. When you have to enter only your username and one password, that's considered a single-factor authentication. 2FA requires the user to have two out of three types of credentials before being able to access an account. 

MFA - Multi-factor Authentication - For some accounts, passwords are not enough. To make sure you are properly protected, multi-factor authentication is the way to go.  A verification that requires you to demonstrate at least two of "something you know" (like a password), "something you have" (like a phone), and "something you are" (like a fingerprint) drastically decreases the probability of a successful hack.