How To Create a Great Password in 2021
Posted By: Ryan Richardson - 2/16/2021 12:00:00 AM

It’s no secret that 2020 was a wild year for cybersecurity. Many companies were forced to move to remote working situations abruptly, and navigating the threats this presented was no easy task. One of the most basic and core components of a solid cybersecurity strategy is having a good password policy. This applies to every industry and every size of organization, but especially small-to-medium sized businesses who have a giant target on their back. SMBs are an attractive victim for cybercriminals because they typically have less resources dedicated to security.

Today we will remind you about 3 key components to include in any strong password, but first I want to touch on an authentication trend we are seeing as we move further into 2021.

There is talk of Microsoft aiming to eliminate passwords all together in 2021, and according to the following statistics sited in Microsoft’s blog, they have good reasoning for this bold ambition:

  • On average, 1 in 250 corporate accounts are compromised each month.
  • Roughly 4 out of 5 cyberattacks are aimed directly at passwords.
  • Gartner Group research shows that 20-50% of help desk calls are for password resets.

So, it’s easy to conclude that passwords are in fact a major threat, not to mention a hassle. Microsoft has made some big strides in reaching their goal, with hundreds of millions of users already using their passwordless technology that authenticates with biometric information from fingerprint or facial ID scanning, much like we’ve been doing with our smart phones for quite some time. 

The thought of moving to a passwordless reality is exciting to many of us, but while most of us are still using these things every day, let’s make sure they’re as effective as possible.

Here are 3 key components to forming a strong password:

  1. Length: We recommend that your password be at least 10 characters long. This should be comprised of upper and lower-case letters, as well as special characters. An easy way to generate long passwords that are memorable, is using phrases (“humble, hungry, and smart”) or song lyrics (“Here Comes the Sun!”).

via GIPHY

  1. No Personal Information: This means avoiding things like birthdays, middle names, your kid’s name, etc.)
  1. Avoid repetitive characters (“rrrrr”) or sequential numbers (“12345”).

 

Protecting Your Password

Now that you have a good idea of how to create a password, be sure to protect it by using the following best practices:

  • Turn on Multi-Factor Authentication (MFA) for login.
  • Don't hand out your password—not even to trusted family members or computer support staff.

via GIPHY

  • Use a different password for each online account. That way, if one password is compromised, your other accounts are not at risk. It is especially important that you refrain from using your work password for personal services.
  • Use only secure programs when connecting to your work environment—programs that protect your password and your data.
  • If you must write down your password to help you remember it, it is better to write down a clue to jog your memory rather than the actual password. Keep it in a safe, secure place, where others cannot see it.

And possibly the most important tip…

  • Use a Password Manager. Create a ridiculously strong password for your password manager, then allow your password manager to create and store your passwords for all other accounts. Devices you use daily will store the log in credentials. Logging in on a device you have never used before will require you to look the password up in the manager.

As we all collectively wait for the day when passwords are no longer, let’s all do our part in keeping ourselves and our organizations safe. You can find more security tips like How To Spot Phishing in 2021 and How to Stay Safe on Public WiFi here on our blog.

Small-to-Medium sized business leader? Ransomware is still widely believed to be the number one malware threat to your organization. Download this 2020 Ransomware Report to find out what you can do be prepared for this ongoing threat.