Accountants Cyber Security: Password Best Practices

Think about how many passwords you use on a daily basis. Sometimes we lose sight of how much security they actually provide, but checking your email, getting on Facebook, and paying your bills all require a password for good reason.

With increased technology, hackers are now able to crack passwords faster than ever, making it more important for you and your employees to create stronger passwords. We are told to make passwords that are personal and hard to guess, but that strategy is no longer enough to stay protected.

Here are a few tips for creating a strong password and protecting your accounts: 

Creating Your password 

What makes a password weak?

When coming up with a password, try to avoid common phrases, names, sports teams, and pet names. It is important to avoid making a password comprised of only numbers or only letters. These can be easily guessed by password cracking programs. Therefore, including Social Security numbers, phone numbers, or any words similar to your username in your password can give those trying to access your information an easier path to achieving their goal. The last rule for avoiding a weak password is extremely important, and is perhaps the most violated among Internet users: do not repeat passwords. As hard as they might become to remember, using the same or similar passwords for multiple accounts can compound what might have been a manageable problem if someone gains access to one of your accounts.

What makes a password strong? 

A strong password uses a combination of length and usages of different categories of characters and symbols, making it almost impossible to crack. In terms of the number of characters (length), a strong password should contain at least eight characters. This will give you enough spaces to fill in with a variety of characters from different categories (Uppercase, lowercase, numbers, and symbols). Having a good mix of these will make your password more difficult to hack. Some good password examples are shown below:   

• dJ3tEr2!  Sure, you can use your favorite sports player in a password (like many people choose to do). Varying the characters in a way such as this password has done makes it almost impossible to guess, but slightly easier to remember. 
  
  
• Ilmw/Jan,25    Many people choose to use acronyms for passwords. In this case, the acronym stands for I love my wife and contains a date that could be an anniversary, or any other significant date that is easy to remember. However, instead of simply creating the password with the acronym and date, make it harder to crack by inserting special characters such as a / and a ,.
  
  
• Let5pl4y2!    Favorite phrases or sayings make for great passwords, if done correctly. Instead of making your password ?letsplaytwo?, you can try a variation of the characters that still retains the meaning and appearance of the original phrase. It is about being easy to remember, but not easy to guess.

Avoiding Complacency 

Periodical Changes It is a great idea to change your passwords every few months. Some may be reluctant to do so, as passwords are hard enough to remember without changing. But, varying your password even slightly is enough. For example, instead of using an exclamation point (!) at the end of your password, change it to a dollar sign ($). Such small changes are usually easy to remember. If you are having a hard time remembering your password, it is ok to write them down in a safe place, without labeling them as 'passwords'.