PUBLISHED May 13, 2022

by Sherayne Rego


Top 5 Password Best Practices You Should Follow

Passwords are challenging.

We’ve all been through it: the struggle of creating an uncrackable password and, most importantly, remembering it. Most employees understand that one breach at their company can result in thousands of usernames and passwords being compromised. But how do we keep our accounts and employees safe online when everyone has multiple accounts and works remotely or in a hybrid setup?

This World Password Day, let us take a closer look at modern password security practices every employee should know and implement, no matter where they work. 

Create a long and strong password

If you want to keep your online accounts secure, you must use strong passwords. Strong passwords make it much more difficult for hackers to break into your system. Strong passwords are those that are over eight characters in length and contain both upper and lowercase letters, numbers, and symbols. Remember to never use any personal information, like your birthday or your address. Instead of using a word from the dictionary, create a long sentence. The longer and more complex your passphrase is, the more secure it will be. Have a favourite saying, song lyric, or phrase that you often use in everyday conversation? Make this phrase your password. For example, ‘Que Sera Sera’. Now personalize your sentence by replacing letters with numbers or symbols that look similar to them. For example, the password could become ‘Q3eS3raS3ra’.

Use different passwords for different accounts

Did you know that according to a report by network security provider RSA and the Ponemon Institute, 69% of consumers admit to reusing the same password on more than one device or website?

Having the same password for multiple accounts might seem convenient, but it is extremely dangerous. For example, if you use the same password for your email account as you do for online banking, a hacker could change your banking password and lock you out of your account. The best way to keep your information secure is by using different passwords for every account you have. So while it’s essential to use complicated passwords—including numbers, symbols, and capital letters—it’s equally important to create a unique one for each account.
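The rules from the two sections above (over eight characters, upper and lowercase letters, numbers, symbols, no personal information, and a different password for every account) can be checked mechanically. The Python audit below is an added example, not part of the original article; the export format, the sample accounts and passwords, and the PERSONAL_INFO list are constructed assumptions.

```python
import csv
import hashlib
import io
import re
from collections import defaultdict

# Constructed sample export (account, password); not real credentials.
SAMPLE_EXPORT = """account,password
email,Maple-Kettle!47
banking,Maple-Kettle!47
forum,summer22
payroll,Tr4il-Mix&Lanterns-09
shop,Jane1990!Aa
"""

# Assumed personal details of the account owner (hypothetical values).
PERSONAL_INFO = ["jane", "1990", "elm street"]

def strength_issues(password, personal_info=PERSONAL_INFO):
    """Return the rules from the article that this password breaks."""
    issues = []
    if len(password) <= 8:
        issues.append("not over eight characters")
    if not re.search(r"[a-z]", password) or not re.search(r"[A-Z]", password):
        issues.append("needs upper and lowercase letters")
    if not re.search(r"\d", password):
        issues.append("needs a number")
    if not re.search(r"[^A-Za-z0-9]", password):
        issues.append("needs a symbol")
    lowered = password.lower()
    if any(item.lower() in lowered for item in personal_info):
        issues.append("contains personal information")
    return issues

def audit(export_text):
    """Return (reused, weak): account groups sharing a password, and rule failures."""
    by_digest = defaultdict(list)
    weak = {}
    for row in csv.DictReader(io.StringIO(export_text)):
        # Group on a SHA-256 digest so plaintext is never used as a lookup key.
        digest = hashlib.sha256(row["password"].encode()).hexdigest()
        by_digest[digest].append(row["account"])
        issues = strength_issues(row["password"])
        if issues:
            weak[row["account"]] = issues
    reused = sorted(sorted(a) for a in by_digest.values() if len(a) > 1)
    return reused, weak
```

On the constructed sample, `audit(SAMPLE_EXPORT)` reports that `banking` and `email` share a password and that `forum` and `shop` break the strength rules.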

Use Two-Factor Authentication

In addition to a username and password, two-factor authentication can be used to protect access to your organization’s software, information systems, and other resources. Two-factor authentication comes in many forms, but they all require you to confirm your identity with something you know (your password) and something you have (your mobile phone or your email address).

For example, when you log in to a website or use an app, 2FA will ensure you get an SMS with a one-time code that you’ll need to enter to log in successfully. This protects your account from being hacked because even if someone guesses or cracks your password, they won’t have the code needed for entry into the system.

Use a Password Manager

Do you remember the last time you tried to log into a website or app and then realized you forgot your password?

We get busy, forget, and then reset our password. But if you use a password manager, you don’t have to worry about forgetting your passwords because your password manager stores them for you and even creates strong, unique passwords that are easy for you to remember. A password manager is like a book of all your passwords. You keep the book locked with one master key that only you know. So when you’re ready to sign up for a new site or app, just pull up your password manager and copy/paste your password into their login box, and you’re in!

Stay vigilant

It’s a common misconception that the only thing you need to do to keep yourself safe online is to use a strong password. But the fact is, even if you come up with an unbreakable password and never, ever forget it or lose it, a hacker can still steal it by using spyware that tracks your keystrokes. Keyloggers are malicious programs that can monitor what you do on your keyboard—and give a hacker access to passwords, account numbers, and other sensitive information. The good news is that you can take steps to protect yourself from those keyloggers. Make sure your anti-malware and vulnerability management solutions are up-to-date and run regular scans to harden your systems and prevent intruders from entering them in the first place. In addition to this, don’t write down passwords anywhere. 
