“But I have the same password for everything. I don’t want to change it!”
“It’s hard to remember new passwords!”
“I’ve never been hacked, and I’ve had this password forever! It must be strong enough.”
If you have ever thought or said these words, it’s time to change. You’re putting yourself at great risk, because in our industry, we see cyber criminals violating personal and company information all. the. time. If you don't change your password and nothing happens immediately it doesn't stop that the cyber criminal from banking on your complacency.
So, stop, take a minute, and come up with a complex password that will help safeguard you from cyber criminals. Here is your simple criteria for setting up a complex password. It should have a minimum of 8 characters, and make sure to have at least 1 of each of the following:
- Capital letter
- Lowercase letter
- Special Character (e.g * & % $ #)
Avoid the following:
- Birth dates
- Social Security numbers
- Adjacent keyboard combinations such as: qwerty or 123456
- Username information
Other dos and don’ts to keep in mind:
- Don’t store your passwords in plain text on your desktop, for example in the sticky notes app on your screen. Anyone could see these passing by your desk.
- Keep a separate password for your email accounts. Do not use this password for other online accounts.
- If you keep a written list, then make sure it’s not kept in plain sight, or where others know to find it.
- Password storing programs are available where you can login to accounts, and have your password be stored and controlled by one master password. LastPass and DashLane are common cloud-based. If you would prefer to have a local non-cloud based password manager, Roboform, PasswordSafe or Keepass are options for you. If you use one of these services, make sure your master password is very strong, and meets the requirements outlined above. I recommend greater than 8 characters for additional security.