Password Security


There are many ways to prevent potential hacking which can lead to dangerous Cyber Attacks. The simplest preventive option is often the one people overlook - a strong password.

Nearly everyone will have been taught that “a strong password should consist of letters, numbers and be a minimum of 12 characters long.” While this advice is still relevant, many people choose obvious, memorable names or common phrases with slight amendments; for example, instead of an “S” they choose “$”.

Hackers are getting smarter; they use automated software to submit hundreds of guesses per minute to open your account. The tools use lists of dictionary words to guess the password sequentially. Some will even add common symbols, numbers or signs that they predict you may have added to the word in an attempt to make it more complex. Cyber criminals go as far as using social media as a tool to guess your password based on your hobbies, family names and common interactions.

While this news is shocking, and you may feel the only solution is to delete all your social accounts and disappear from the world of the web altogether - this simply isn’t practical and there are ways to ensure your password is resilient, robust and memorable.

Too Many Passwords?

Having the same password for all your accounts leaves you just as vulnerable to an attack as having a weak password. Think for a moment: how many systems do you need a password for? To name just a few:

  • Accessing your computer
  • Email accounts (multiple)
  • Social Networks
  • Online banking
  • Accessing documents
  • Paying bills
  • Membership subscriptions

Ensuring each and every one of these passwords is secure is one factor, yet remembering them all can be pretty taxing. Advice from the National Cyber Security Centre is to keep your password for longer, as changing it too regularly often leads to weaker password choices and to the user writing it down for memorisation - which can easily fall into the wrong hands.

We advise changing passwords, especially those that link to sensitive data, every 6 months to stay vigilant.

Recommended Solutions

Using a password manager such as KeePass allows you to manage your passwords in a secure way. All your different passwords are held in one database, which is locked with one master key or a key file. You only have to remember one master password to unlock the whole database. Encryption using the best and most secure algorithms currently known is then used to keep your details safe and hackers away!

Multi-Factor Authentication is now more common within the workplace, especially with remote working becoming more popular. Access is only granted when the user has confirmed two or more pieces of evidence, for example a password and then a security code sent to the user’s phone. You may have already encountered multi-factor authentication without even realising it. ATMs, for example, use the individual’s card and PIN to authenticate, and our mobile phones have the functionality of fingerprint/face recognition along with a passcode. We wouldn’t compromise on using multi-factor for these uses, so why would we risk it for our business?


Password Guidance

Not sure how to choose the best password to stay secure? Here are some simple steps to consider:

 

Ones to Avoid

Footb^ll1903

  • Common hobby
  • Easily identifiable from various sources
  • Common substitution for letters
  • Using a traceable number such as DOB - hackers don’t send birthday cards!

Catinthehat

  • Overused phrase
  • Easily identifiable from various sources

My3R%tLnsv$$!

  • Too obscure for regular use
  • Are you really going to remember that?
 
Try this instead

 

monkeyandlionrodeabike

  • A passphrase consisting of random words such as “monkey and lion rode a bike” is much more difficult to hack
  • A visual stimulus enables the phrase to be more memorable

Mon3eyandlioNrodeab!ke

  • For Super Security you could then substitute numbers or special characters for some letters - we advise a mix of 2 capital letters, a number and a special character
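
The same reasoning the guessing tools use (dictionary words, predictable swaps, a year on the end) can be applied as a check when a password is being set. The following is an added example, not part of the original article; the word list and substitution table are small constructed samples, and screen_password is a hypothetical helper name.

```python
# Constructed sample blocklist; a real deployment would load a large
# list of common passwords, words and phrases instead.
COMMON_WORDS = {"football", "password", "catinthehat", "liverpool", "monkey"}

# Symbol and digit swaps that guessing tools already try (assumed, not exhaustive).
SUBSTITUTIONS = str.maketrans({"$": "s", "^": "a", "@": "a", "3": "e",
                               "0": "o", "1": "l", "!": "i", "5": "s"})

MIN_LENGTH = 12  # the minimum length quoted in the article
DIGITS = "0123456789"


def screen_password(candidate: str) -> list[str]:
    """Return the reasons a candidate is easy to guess (empty list if none)."""
    findings = []
    if len(candidate) < MIN_LENGTH:
        findings.append("shorter than 12 characters")

    # Split off a trailing run of digits, e.g. a year or date of birth.
    stem = candidate.rstrip(DIGITS)
    suffix = candidate[len(stem):]

    # Undo the common swaps so "Footb^ll" and "football" compare equal.
    normalised = stem.lower().translate(SUBSTITUTIONS)
    if normalised in COMMON_WORDS:
        findings.append("common word or phrase after undoing substitutions")

    # A four-digit suffix starting 19 or 20 looks like a traceable year.
    if len(suffix) == 4 and suffix[:2] in ("19", "20"):
        findings.append("ends in a year-like number")
    return findings


if __name__ == "__main__":
    # The example passwords from the guidance above.
    for pw in ["Footb^ll1903", "Catinthehat", "My3R%tLnsv$$!",
               "monkeyandlionrodeabike", "Mon3eyandlioNrodeab!ke"]:
        print(f"{pw!r}: {screen_password(pw) or 'no findings'}")
```

An empty result only means the candidate passed these particular checks; it says nothing about whether the password is memorable, which is the objection raised against My3R%tLnsv$$! above.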

 


For more advice and information on Cyber Security speak to one of our friendly team on 0207 096 2808 or send us a message. 

The Gallery Partnership offer free consultative advice, providing Software, Support and Solutions for Charities for over 20 years. Why not see how we can help your organisation achieve its mission whilst staying secure?
