22 Sep 2010

How good are your Business Passwords?

I had a bit of a nightmare over the weekend: I did something to my laptop and lost all my saved passwords. My laptop is my own, so it is okay that I have my passwords saved (don’t do this on any PCs that anyone else has access to!). Like most people, I use a combination of about 4 different passwords in various different permutations. Long story short, it took me the best part of 2 hours to remember/work out my passwords and get myself back into all my accounts – except Amazon; that one has me really baffled!

So I thought I would give you all some advice on getting your business passwords as good as they can be, to ensure your business-critical data is as safe as it can be.

  1. Make sure that your staff are not using dictionary words as passwords. These are easily guessable, and there are lots of software programs that hackers use to trawl for passwords, and they all start with dictionary words.
  2. Tell your staff that they should not use words that are personal to them – spouses’ or children’s names, favourite football team and the street they live in are all bad choices, easily guessed by someone with a little knowledge of the end user or access to their Facebook account.
  3. Passwords should be 6-8 characters in length; the more characters you have, the more secure the password will be. Alphanumeric characters are best - enforce a rule on your network that a combination of letters, numbers and symbols must be used or the password is rejected.
  4. It is advisable to set up a maximum duration for each user’s password, forcing users to change their password regularly – this can be done monthly, bi-monthly or even 6-monthly.
  5. Tell staff not to write down their passwords anywhere.
  6. Users should be encouraged not to use the same password for multiple programs / systems.
  7. Staff should never give their password to anyone, even IT personnel – if someone needs access to their system, the end user should log in themselves, stay with the person and monitor what they are doing on their user account.

These are all very basic tips and should be common sense – remember to keep your business data safe; it is one of the most valuable assets your business has!
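
The rejection rule from tips 1 to 3 can be sketched as a checker like the one below. This is an added example, not code from the original post. The word list, the personal tokens and the function names are constructed for illustration, and the minimum length of 6 is taken from tip 3.

```python
import re

# Constructed sample data: a real deployment would load a full wordlist
# and take personal tokens from the user's directory or HR record.
DICTIONARY = {"password", "welcome", "dragon", "monkey", "football", "summer"}
MIN_LENGTH = 6  # lower bound from tip 3; longer passwords are accepted

# Undo common character swaps so "p@ssw0rd" is still seen as "password".
LEET = str.maketrans({"0": "o", "1": "l", "3": "e", "4": "a",
                      "5": "s", "7": "t", "@": "a", "$": "s", "!": "i"})


def letters_only(text):
    """Lower-case the text and drop everything except a-z."""
    return re.sub(r"[^a-z]", "", text.lower())


def contains_any(words, password):
    """True if any word (3+ letters) hides in the password, with or
    without the simple substitutions reversed."""
    forms = (letters_only(password.lower().translate(LEET)),
             letters_only(password))
    cleaned = (letters_only(w) for w in words)
    return any(len(w) >= 3 and w in form for w in cleaned for form in forms)


def check_password(password, personal_tokens=()):
    """Return the list of policy violations; an empty list means accepted."""
    problems = []
    if len(password) < MIN_LENGTH:
        problems.append("too short")
    classes = {
        "letter": any(c.isalpha() for c in password),
        "number": any(c.isdigit() for c in password),
        "symbol": any(not c.isalnum() for c in password),
    }
    problems += [f"missing {name}" for name, ok in classes.items() if not ok]
    if contains_any(DICTIONARY, password):
        problems.append("contains dictionary word")
    if contains_any(personal_tokens, password):
        problems.append("contains personal detail")
    return problems


if __name__ == "__main__":
    for candidate in ("dragon", "P@ssw0rd1!", "Rovers#1985", "gT7#vLq2"):
        print(candidate, check_password(candidate, ["Rovers", "Sarah"]))
```

Note that "P@ssw0rd1!" passes the letters, numbers and symbols rule on its own and is only caught by the dictionary check, which is why tip 1 and tip 3 need to be enforced together.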