You’ve likely heard that “Password123” isn’t a strong password and that using easily guessable information like your last name is a bad idea, but do you know why? We have the answer for you: dictionary attacks. 

Dictionary attacks are a brute force method used by sneaky hackers to systematically crack users’ passwords by trying commonly used words, phrases, and number sequences. Businesses can suffer devastating security breaches when cybercriminals gain unauthorized access to accounts, whether through these direct attacks or phishing schemes. A strong password acts as the first line of defense against such cyberattacks, which makes it critical for business owners to ensure employees are well-versed in password best practices.   

In this article, we’ll explore how you can empower your team to manage passwords effectively, ensuring company data remains protected in the ever-changing world of cyberthreats. 

Industry best practices advise that passwords should be at least 16 characters in length. Ideally, they should include a mix of uppercase and lowercase letters, numbers, and special characters.

Simple passwords can lead to trouble for your business. When guiding employees to use strong passwords, let them know: the longer, the better. Here is a step-by-step guide that you can pass on to your team to help them create and manage their passwords.  

Step 1: Start with a Memorable Base

Choose a phrase or a longer sentence that is easy to remember yet hard for others to guess. For example, a phrase like “longislandrocks” can serve as a strong foundation. 

Step 2: Enhance Complexity 

Transform your base phrase into a complex password by implementing several modifications: 

  • Substitute letters with numbers and symbols: Change ‘o’ to ‘0’ and ‘a’ to ‘@’. 
  • Vary the case of the letters: Mix uppercase and lowercase letters to add complexity, e.g., alternating between the two or capitalizing every other letter. 
  • Incorporate numbers and special characters: Append numbers and punctuation marks to further enhance security. 

Using the example above, “longislandrocks” might become “L0nG1sL@nDr0x591!!”. 

Step 3: Ensure Uniqueness

Make sure that your new password is unique to each account to prevent a single breach from compromising multiple sites. Avoid using similar passwords across different sites or variations of the same theme. 

Step 4: Stuck? Try Random Generation 

If crafting 15 different passwords seems daunting, use a reliable password generator to create strong, randomized passwords.  

Step 5: Utilize a Password Manager  

Password fatigue is real. Password managers like LastPass and Keeper store and generate complex passwords, reducing the need to memorize them. Setting up your employees with a password manager helps protect sensitive company data and reduces stress.  

Step 6: Regularly Update Passwords 

Regularly updating your passwords reduces the risk of them being compromised. Make it a habit to update passwords every three to six months. Throw a “password party” and give your team the time to update their information; provide some delicious New York pizza to make it fun!  

The effort you put into creating strong passwords today can save you from potential headaches in the future. 
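For teams that want to see what Step 4's random generation looks like under the hood, here is a short Python sketch using the standard `secrets` module. It is an added example, not code from this article or from any password manager it names; the symbol set and the function names are assumptions chosen for illustration.

```python
import math
import secrets
import string

# Character classes the article asks for: upper, lower, digits, special characters.
CLASSES = (
    string.ascii_uppercase,
    string.ascii_lowercase,
    string.digits,
    "!@#$%^&*()-_=+[]{};:,.?",  # assumed symbol set; adjust to what each site accepts
)
ALPHABET = "".join(CLASSES)
MIN_LENGTH = 16  # minimum length the article recommends


def generate_password(length: int = MIN_LENGTH) -> str:
    """Return a random password that contains every character class.

    Characters come from the OS CSPRNG via `secrets`. Candidates missing a
    class are discarded and redrawn, so no position is predictable.
    """
    if length < MIN_LENGTH:
        raise ValueError(f"length must be at least {MIN_LENGTH}")
    while True:
        candidate = "".join(secrets.choice(ALPHABET) for _ in range(length))
        if all(any(ch in cls for ch in candidate) for cls in CLASSES):
            return candidate


def entropy_bits(length: int = MIN_LENGTH) -> float:
    """Upper bound on the entropy of a generated password, in bits."""
    return length * math.log2(len(ALPHABET))


def generate_unique(count: int, length: int = MIN_LENGTH) -> list:
    """One password per account (Step 3): no value is ever issued twice."""
    passwords = set()
    while len(passwords) < count:
        passwords.add(generate_password(length))
    return sorted(passwords)


if __name__ == "__main__":
    for pw in generate_unique(3):
        print(pw)
    print(f"about {entropy_bits():.0f} bits for {MIN_LENGTH} characters")
```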

Fluid Imagery partners with Keeper to securely manage passwords. Contact us to get started!

Many businesses fall prey to common password pitfalls. It may seem obvious, but avoid using easily guessable sequences like “123456” or “password.” Similarly, refrain from using personal information that can be easily obtained from social media or public records. Here are some suggestions on what not to include in your password:  

  • Names of relatives or pets: If you recently celebrated your pet on social media, for example with a post like “Happy National Dog Day to my sweet Rufus,” a hacker might guess you’d use your pet’s name in your password. This is a common practice and can make your password vulnerable. 
  • Birthdays: Hackers can easily find your birthday through public records and social media, so it is best to leave it out of your password creation.  
  • Work Information: The name of your company, job title, and industry should not be anywhere near your passwords as hackers can easily find this information on LinkedIn.  
  • Common Words: Avoid using singular words that can be easily guessed or found in the dictionary. Passwords like Dancing2 or Reading5 are not strong passwords.  
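Here is how a sign-up form or an internal password audit could screen for the patterns in the list above. This is an added example, not part of the original article or of any product it mentions; the word lists, the look-alike map, the sample profile and the `check_password` name are all constructed for illustration.

```python
import re

# Constructed sample data. A real deployment loads a large wordlist and a
# breached-password list, and takes personal tokens from the user's profile.
COMMON_PASSWORDS = {"123456", "password", "password123"}
DICTIONARY = {"dancing", "reading", "summer", "welcome"}
# Look-alike substitutions to undo, so "P@ssw0rd" is treated as "password".
LEET = str.maketrans({"0": "o", "1": "i", "3": "e", "4": "a", "5": "s",
                      "7": "t", "@": "a", "$": "s", "!": "i"})
MIN_LENGTH = 16  # minimum length the article recommends


def squash(text: str) -> str:
    """Lower-case and drop everything except letters and digits."""
    return re.sub(r"[\W_]", "", text.lower())


def core_word(password: str) -> str:
    """Strip leading/trailing digits and symbols, then undo look-alikes."""
    trimmed = re.sub(r"^[\W\d_]+|[\W\d_]+$", "", password.lower())
    return trimmed.translate(LEET)


def check_password(password: str, personal_tokens=()) -> list:
    """Return why a password is guessable; an empty list means no rule fired."""
    reasons = []
    core = core_word(password)
    if len(password) < MIN_LENGTH:
        reasons.append(f"shorter than {MIN_LENGTH} characters")
    if password.lower() in COMMON_PASSWORDS or core in COMMON_PASSWORDS:
        reasons.append("commonly used password")
    if core in DICTIONARY:
        reasons.append("single dictionary word with digits or symbols added")
    # Compare tokens against the password as typed and with look-alikes undone.
    variants = {squash(password), squash(password.lower().translate(LEET))}
    for token in personal_tokens:
        needle = squash(token)
        if needle and any(needle in v for v in variants):
            reasons.append(f"contains personal or work information: {token}")
    return reasons


if __name__ == "__main__":
    profile = ("Rufus", "Example Corp", "0412")  # constructed pet, employer, birthday
    for pw in ("Dancing2", "Password123", "HappyDogDayRufus2024!"):
        print(pw, "->", check_password(pw, profile))
```

An empty result only means none of these rules fired; it does not replace a check against a breached-password list.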

Two-thirds of internet users reuse the same password for multiple accounts. Be sure to use unique passwords for every personal and work account, as this exponentially decreases the risk of a security breach.

After you lock down passwords, it’s time to level up the rest of your cybersecurity game. Providing cybersecurity training equips your team to recognize potential threats, and regular security audits help identify and mitigate system vulnerabilities. Together, these measures reduce the likelihood of a security breach in your business.

While strong passwords are important to keeping your data secure, even the best passwords won’t protect against phishing attacks and other threats. This is where Fluid Imagery comes to the rescue, offering expert cybersecurity training tailored to your team’s needs. Let us equip your business for success. We are your trusted partner in cybersecurity. Contact Fluid Imagery today to learn more!