Password Protection Tips
How to Stay Safe During National Cybersecurity Month
National Cybersecurity Month (NCSAM) kicked off October 1st and is now in its 17th year. Hosted by the Cybersecurity & Infrastructure Security Agency (CISA) and the National Cyber Security Alliances (NCSA), NCSAM’s goal is to raise awareness about the importance of online safety and to encourage individuals to take proactive steps to stay safe online.
The theme this year is “Do Your Part #BeCyberSmart,” While also incorporating “If You Connect It, Protect It,” NCSAM highlights the importance of ensuring the safety of all devices connected to the Internet, which is a number that is growing rapidly.
While having a strong password won’t protect your organization or devices from an attack 100% of the time, it is the first line of defense against hackers. Having a strong password and strong password policy can make a huge difference in your organization’s ability to stand up to bad actors.
Below we’ve outlined some key elements of a good password policy.
Complexity: Put simply, complex passwords are harder to crack. Passwords should require 8-15 characters, and contain at least one upper and lowercase letter, a special character, and a number. A great rule is to ask users to create a password phrase, which is longer and more secure.
Fact: the most commonly used passwords at “123456,” “password,” and “qwerty.”
Age and Reuse: The best practice is to set a 90 – 120-day restriction for how long a password can be used, and when users are forced to reset their password, ensure they cannot reuse the same password or variation of an older password.
Fact: 78% of users have the same password for multiple sites.
Multi-Factor Authentication: Multi-factor authentication (MFA) uses two or more independent means of evidence (factors) to confirm the identity of the user attempting to login. For example, enabling MFA on email would require users to login with their username and password AND confirm their login on their smartphone. Even if a password is stolen, hackers cannot bypass the secondary factor on the user’s smartphone.
Fact: According to Microsoft, using multi-factor authentication blocks 99.9% of account hacks.
There are several more National Cybersecurity Awareness Month resources at your organization’s disposal here. These resources include tip sheets, security presentations, and social media graphics. Do your part, and get cyber smart today!
