IT security is a fundamental issue for companies in the internet age, and passwords are the first line of defense against malicious people. One of the critical factors for corporate IT security is undoubtedly the ability to create effective passwords that stand up to professional hackers: criminals constantly looking for sensitive data to steal, decrypt, use and reuse at the expense of unfortunate and sometimes unsuspecting victims.
In a situation where not even multinationals can defend themselves properly, and small and medium-sized enterprises are increasingly targeted, what can be done to improve corporate IT security and protect oneself from these attacks? The first rule: follow a few good tips explicitly designed to generate (almost) unbreakable login credentials!
Avoid Trend-Inspired Passwords
Many users pay homage to their favorite film, book, actor or singer by using its name as the password of their most used accounts, and lately the choice of profanity, parts of song lyrics, album titles, music and names of band members has also become common. Those who opt for such solutions put hackers in the ideal position to make the most of software that can quickly identify acronyms, words and phrases that are particularly common among the population. To counter this trend and ensure higher IT security, it is better to favor less obvious choices.
Rule Out Passwords With Names Of Partners And Pets
Before trying to crack any password, many hackers look for private user information (names of boyfriends, friends, family, pets, etc.) on free platforms such as blogs, websites or profiles on Facebook and LinkedIn. These terms are then entered and tested as passwords on essential portals such as the banking one. All this is carried out with programs that specialize in identifying connections between the terms victims use most. Users who choose credentials that are too easy, and who rule out in advance the possibility of being predictable, expose themselves to considerable risks.
Don’t Rely On The Password Alone
Many companies consider logins and passwords alone insufficient to protect users’ information, which is why they offer a series of additional options designed to ensure a higher level of protection. Among these, so-called “two-factor authentication” deserves mention: it allows registered users to access their accounts only after first entering their credentials and then a one-time code sent by the system, for example via text message, following the access attempt. To enable this type of feature, it is usually sufficient to go to the account menu or the security section.
Remember That Long Passwords Aren’t Impenetrable
Nowadays, software can guess passwords of more than 50 letters. This shows that length is not in itself a guarantee of security; therefore, before sleeping peacefully, make sure that the strength of your passwords does not rest only on the number of characters used.
Always Vary Your Password Recovery Questions
During account registration, most sites ask you to enter a recovery question to be used if you lose your access credentials. Again, hackers can identify this question by retrieving user information from platforms such as Facebook, LinkedIn and the like, especially when it is straightforward and used on several portals at once. The idea, therefore, is to invent non-obvious and different questions for each account, taking great care not to choose answers that are easy to forget.
When Inventing A Password, Prefer Mathematical Formulas To Quotations
Until recently, many extolled the effectiveness of passwords derived from mottos, famous phrases, aphorisms and quotations, but considering the power of the programs in the hands of hackers, it is more helpful to opt for equations or mathematical formulas such as “2 million + 3 = five million”. The solution is easy for the user to remember and rather difficult for the hacker to decipher.
Don’t Add Numbers Only At The End Of The Password
Although current software is explicitly designed to associate specific numerical sequences with certain words, many users continue undaunted to choose passwords containing, for example, their place of birth followed by the year (“roma1972”). This is a decidedly inappropriate solution, to be disguised as soon as possible simply by interleaving the alphabetic characters with the numeric ones (“r1o9m7a2”) or by taking similar approaches aimed at avoiding banality.
Reuse The Same Passwords Only On Secondary Sites
When users access essential portals (bank, e-mail, etc.), they must pay close attention to choosing unique passwords which, if stolen by hackers, do not allow them to enter all the other accounts. It is a different matter, however, for less critical sites that are accessed only once or once in a while: in this case, it is possible to use identical passwords, associated with secondary email addresses that never hold particularly sensitive data.
For Email, Choose A Unique And Top-Secret Password
The messages in your primary e-mail account often contain sensitive information (banking account numbers, addresses, passport scans, etc.), which must always be protected with great care. To do this, it is essential to choose a dedicated password that, in addition to remaining top secret, is never reused on other portals.
Mix The Different Types Of Characters With Made-Up Words And Phrases
In addition to preferring passwords of at least eight characters that mix alphabetic, numeric and special characters and alternate lowercase with uppercase, it is also advisable to mix in non-existent terms, meaningless sentences and any other element that could make things difficult for hackers. A good example is the following: “gaTtOSottO15*(CAMPANILE!SEGUE 11)eLefanTIni”.
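The rules from the sections on popular words, partner and pet names, numbers at the end and mixed character types can be checked automatically when a password is chosen. The following is an added example, not part of the original article; the function name, the finding labels and the two small word lists are assumptions constructed for illustration.

```python
import re

# Constructed sample data (assumptions for this example, not from the article):
# terms visible on a user's public profiles, and a tiny list of popular words.
PROFILE_TERMS = {"roma", "luna", "marco"}
POPULAR_WORDS = {"metallica", "starwars", "imagine"}

CHAR_CLASSES = {
    "lowercase": r"[a-z]",
    "uppercase": r"[A-Z]",
    "digit": r"[0-9]",
    "special": r"[^A-Za-z0-9]",
}

def audit_password(password, profile_terms=PROFILE_TERMS, popular_words=POPULAR_WORDS):
    """Return the list of findings; an empty list means no rule was violated."""
    findings = []
    lowered = password.lower()

    # At least eight characters, mixing all four character classes.
    if len(password) < 8:
        findings.append("too-short")
    for name, pattern in CHAR_CLASSES.items():
        if not re.search(pattern, password):
            findings.append("missing-" + name)

    # Letters followed only by a block of digits, e.g. place of birth + year.
    if re.fullmatch(r"[A-Za-z]+[0-9]+", password):
        findings.append("digits-only-at-end")

    # Names of partners, pets, places etc. that can be read from public profiles.
    for term in sorted(profile_terms):
        if term in lowered:
            findings.append("profile-term:" + term)

    # Titles, band names and other words common among the population.
    for word in sorted(popular_words):
        if word in lowered:
            findings.append("popular-word:" + word)
    return findings

if __name__ == "__main__":
    for candidate in ["roma1972", "Metallica!", "gaTtOSottO15*(CAMPANILE!SEGUE 11)eLefanTIni"]:
        print(repr(candidate), audit_password(candidate))
```

In a real deployment the two word lists would be replaced by the organization's own banned-word list and by the account holder's profile data.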
Change Passwords When People Change
Corporate IT security is in the hands of every employee of a company! If there are passwords that are used by several people, it is better to change them when one of those people leaves the company, to avoid unpleasant situations. Now that we have provided you with some helpful advice for creating passwords that are hard to break and for improving your corporate IT security, you can finally do everything possible to protect your sensitive data, keeping it out of the clutches of the dreaded virtual criminals.