October Is Cybersecurity Awareness Month. Part 3: Use Strong Passwords

In this multi-part series, we’ll look at what organizations can do to better improve corporate cybersecurity as part of October’s Cybersecurity Awareness Month. In this blog, our focus is using strong passwords.

Passwords and passcodes are now required on almost all devices, accounts, and systems. Making sure you use strong passwords will help keep you safe. We’ll look at what strong passwords are and how to go about using them.

Password security starts with creating a strong password. A strong password is:

  • At least 12 characters long but 14 or more is better.
  • A combination of uppercase letters, lowercase letters, numbers, and symbols.
  • Avoids words that can be found in a dictionary or the name of a person, character, product, or organization.
  • Significantly different from your previous passwords.
  • Easy for you to remember but difficult for others to guess. For example, consider a memorable phrase like “6CatzRLo0king^”.

You can also use passwords suggested by browsers or password managers, which we’ll discuss later.

Once you’ve created strong passwords, you’ll have to make sure you’re using them properly. For example, you’ll never want to share the passwords with anyone. Also, you’ll want to have a unique password for each device, application, and website. Next, you’ll want to be sure to change all default passwords on systems and devices. Some devices have been hacked because they come with default credentials like admin/admin from the factory and never prompt a user to update the password during first log in.

You can also use browsers to learn about your password hygiene. For example, for macOS users, Safari can be enabled to let you know if your passwords need to be changed because they are being reused or have been compromised.

To check on this, go to Safari > Preferences > Passwords. Here you can enable “Detect compromised passwords”.

Password Screen

If the password is compromised, you will be told why and be given the option to change and update the offending password:

Password Screen

Another bit of password hygiene to keep in mind is when you learn about a breach, either through news or from a notification email from a website, change your password immediately. You never want…