No one enjoys working with passwords, but they are necessary for keeping all our accounts secure – for personal or professional use. You likely already make sure your passwords are strong and difficult to crack. You might even go the extra step, and never use the same password for more than one account at once. But there’s another issue to consider.
Should you change you passwords on a recurring basis? And if so, how often?
When you change your password every few months, it limits how long a stolen password is useful to an attacker – how long he/she has access to your account. If someone steals your password and you don’t know about it, the attacker could potentially eavesdrop for an unlimited time and glean all sorts of information about you or do other damage. Therefore, for decades now, many security guidelines have recommended frequent password changes, usually between 30 to 180 days – for example: the Windows domain password has a default of 42 days.
Here are some great tips to make sure your passwords are strong and kept safe:
1. Make sure all your passwords are strong and unique
2. Whenever possible, use some form of two-factor authentication (2FA) so a cracked password won’t compromise your account. You could also combine two factor-authentication with machine-generated password applications which will increase difficulty for hackers.
3. Use a password manager so you don’t need to memorize or write down your passwords. Not only will password managers store all your passwords in an encrypted vault, but they will fill them in for you. Password managers will audit your existing passwords, looking for those that are old, weak or repeated, and will generate new passwords for each of your accounts. It is strongly recommended to have multi-factor authentication for the password-manager.
4. Choose a password that is easy to remember with a minimum of 12 characters that includes a combination of the following:
- Use a mix of alphabetical and numeric characters
- Use a mix of upper and lowercase
- Use symbols if possible
- An acronym can be helpful to remember
- Use a combination of letters and numbers within a word (for example – Co$T4-see R1caZ4t1)
- A combination of two unrelated words
*The above is advice for personal use only. If you are looking for a Password Manager or a Privileged Access Management (PAM) solution for a business, we would be happy to talk and to share with you our experience and technology solutions. Contact SEGMENTECH Today!