Passwords may not seem like a marketing topic. But as a full service marketing agency, it is our responsibility to offer information to our clients about keeping their businesses moving forward. Changing passwords often is just one way to ensure that our clients avoid cyber threats or attacks. While nothing is ever 100% guaranteed, we have some tips on how to steer clear of having your passwords compromised on the Internet.
No matter what the actual date is of the day you are reading this blog, if you haven’t reset your password to any account in awhile, it might be time. The most important websites, like sites that we use for business operations, email, banking, work, school, personal agendas, websites we shop a lot on, etc. should have their passwords changed more often. But how often should you change your password? And why should you change passwords all of the time? We know it can be tedious to always try to think of something new, but we promise it is much easier to make a password change than recoup whatever data is compromised. Let’s learn why.
How Often Should You Change Your Password?
IT experts recommend that people should update their passwords after every three months. If you are still using the same password since college and haven’t been asked to update it, then you may 1) want to update it now and 2) really look into the website you’re using to make sure it doesn’t store personal information that could be stolen from you since this site doesn’t seem very secure (or truthfully care about your information).
There are times when you should change your passwords right away. Like, if you know you’ve been a victim of a cyber attack. The goal is to ensure that if a password is compromised, a cybercriminal will only be able to access whatever account they got into for a short amount of time because you were able to quickly reset your password.
How Does a Cyber Attack Work?
Without getting into the nitty gritty of details, just think of it as someone gaining access to all of your personal information online and being able to use it in whatever way they want. The most common example is when a credit card number is stolen online. The cyber thief can use your card to make whatever purchases they want.
According to Justin Sheil, Content Marketing Manager at Electric, these are some of the approaches attackers have use to gain passwords. It is probably easiest to do a search to learn more about each of these approaches if you are unsure of what it is.
- Social engineering.
- Shoulder surfing.
- Offline cracking.
- Brute force attack.
- Use of network analyzers.
- Dictionary attack.
- Rainbow table attack.
- Mask attack.
Password Creation Tips
The first tip is a no brainer, but a great reminder – Use strong passwords. The key aspects of a strong password are length (the longer the better); a mix of letters (upper and lower case), numbers, and symbols, no ties to your personal information, and no dictionary words. The Cybersecurity & Infrastructure Security Agency has some really great tips to check out as well from a business perspective.
Here are some additional tips from webroot.com:
- Don’t reuse your passwords. If you’re using the same password across email, shopping, and other websites holding sensitive personal data (or even a local community website) and one of those experiences a breach, you’ve now exposed the other services to the risk of being breached as well.
- Don’t write your passwords down. It can be tempting, especially in the workplace, to keep track of passwords of the old-fashioned way, but these are easily discovered. Not all hackers are mystery Internet users. They could be co-workers or other people in your very own place of work!
- Use a password manager. There are many apps that store your passwords securely. They can also remind you when it is time to reset your passwords.
- Don’t share your passwords. This one is a no-brainer as well, but if you must share, change it as soon as possible.
Don’t be fooled by online “quizzes” that get you to answer questions about yourself. Sometimes the questions provide personal information that can be used to access account information (ex: Where were you born? What is your favorite color? Who is your favorite band?) These questions may seem silly, but are oftentimes used to gain access when a password is forgotten.
Remember, regardless of the many technology solutions in place to help secure any network, your best defense is, and always will be, vigilance of Internet safety. If a website doesn’t seem right to you, or if it is asking too personal of questions, leave the site.