What’s in a Password?

In Compliance, Cyber Security, Financial Services Technology by Amaya Swanson

A business associate once told me, “If security isn’t inconvenient, you’re doing it wrong,” which couldn’t be more accurate. For most people, the inconvenience starts with passwords – between email, social media, banking, shopping, and simply life, we have dozens of passwords we enter regularly.

Let’s face it – it’s easy to get lazy about passwords. Be it using the same password across all platforms, using numbers that are familiar to you (e.g. birthdays, anniversaries), or adjusting only one character on a password when you’re forced to change it, bad password habits are easy to fall into.

But creating good and safe passwords doesn’t have to be annoying or complicated! While some of the best practices are intuitive, some are less well known. For a more secure online presence, follow the password tips below:

  • Create a password that is at least eight characters long (preferably more) and contains letters, numbers, and special characters.
  • Change your passwords regularly, but especially if you think your credentials have been compromised.
  • Instead of a word, use a long passphrase and add numbers and special characters. You can also substitute letters with numbers and punctuation marks or symbols. For example, @ can replace the letter “A” and an exclamation point (!) can replace the letters “I” or “L”.
  • Avoid common words (*ahem* like “password”), or words that are personal to you and thus easy to guess.
  • In your passphrase, use phonetic replacements (e.g. “PH” instead of “F”) or intentionally misspell a word (e.g. “mycrosoft” instead of “Microsoft” or “sympel” instead of “simple”).
  • Never share your passwords (with anyone!), and don’t write them down, especially not on a post-it note that you place under your keyboard.
  • Always use different passwords for different accounts and devices – especially for key accounts like email and banking – so that if one password is compromised, your others are still safe.
  • Whenever possible, utilize multi-factor authentication like a one-time PIN texted to a mobile device, which provides an added layer of security beyond the password and username. Many systems have this option (specifically email, banking, and social media), and if the option for multi-factor authentication is available at work, use it!
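
The checkable tips above (length, character mix, no common words), as an added Python example that is not part of the original post; the word list, the extra look-alike pairs and the function names are assumptions made for illustration. It also shows that a common word is still recognisable after symbol substitution, so substitutions belong in a long passphrase rather than on a single common word.

```python
# Constructed sample list; a real check would use a far larger list of common passwords.
COMMON_WORDS = ("password", "welcome", "letmein", "qwerty", "sunshine")

# Collapse look-alike characters into one form. "@" for A and "!" for I or L come
# from the tips above; the other pairs are assumptions added for this example.
LOOKALIKES = str.maketrans({"@": "a", "!": "i", "1": "i", "l": "i",
                            "0": "o", "3": "e", "$": "s", "5": "s"})

MIN_LENGTH = 8  # "at least eight characters (preferably more)"


def canonical(text):
    """Lowercase the text and undo look-alike substitutions."""
    return text.lower().translate(LOOKALIKES)


def check_password(password):
    """Return a list of problems; an empty list means every check passed."""
    problems = []
    if len(password) < MIN_LENGTH:
        problems.append(f"shorter than {MIN_LENGTH} characters")
    if not any(c.isalpha() for c in password):
        problems.append("no letter")
    if not any(c.isdigit() for c in password):
        problems.append("no number")
    if all(c.isalnum() for c in password):
        problems.append("no special character")
    # Compare in canonical form so "P@ssw0rd" is still seen as "password".
    folded = canonical(password)
    for word in COMMON_WORDS:
        if canonical(word) in folded:
            problems.append(f"contains the common word '{word}'")
    return problems


if __name__ == "__main__":
    # Constructed candidates, not real credentials.
    for candidate in ("P@ssw0rd!", "abc", "sympel-Turtl3s-phly-2day!"):
        print(candidate, "->", check_password(candidate) or "ok")
```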

Before the end of the day, commit to changing your oldest password in use as a jump start to a safer online experience!

Our next post, Phishing – When Scams Hit Your Inbox, will be up Friday!
