Hackers are constantly searching for passwords with which to penetrate your computer network. Phishing attacks, for example, will urge your people to log into a fake site using their passwords, recording them if they comply. Some use a brute force method using common words and phrases. Unsecured devices such as personal computers or mobile devices or hotel kiosks can be infected with malware that captures passwords.
With that in mind, here follow some suggestions for sound password management.
- Use long strings of characters, a good mix of alphanumeric and special characters. Avoid common words and phrases. Do not use familiar phrases such as birthdays, anniversaries, favorite TV shows, etc.
- Never write down your passwords and leave the document in an unsecured location. A surprising number of people will write down a password on a post-it note and leave it attached to their workstation.
- Never share your password, especially with someone outside your organization.
- Be wary about logging into the system with a personal device from offsite. Always use a device that has been secured against malware by your data security people.
- Never respond to phishing attempts. Do not open suspicious emails, and do not comply when they ask you to log into a website using your password. If you think you have fallen for such a scheme, change your password immediately, and contact your data security department,
- Change your password periodically, at least every quarter.
- Never use the same password for different devices.
- Make sure that no one is looking over your shoulder when you key in your password,
- Run antivirus software periodically to clean your computer of malware, such as a keylog virus that can pick up your password.
For more information contact us.