21 Sep Using Strong Passwords
Insecure passwords is a common issue of the internet age. Many passwords are easily guessed and often reused, resulting in massive data breaches, impersonations and frauds. This is why in this post, we would like to share some tips on keeping your passwords secure.
(1) Different password for ALL logins
- A very common ‘technique’ used by many people is to use the same password for all their logins. This is so they can easily remember their passwords for all their digital accounts. However, this is very unsecure because with one password, someone can use the same password to break into all your digital accounts.
(2) Pass Phrase
- If you cannot remember so many passwords, security experts have now recommend using a pass phrase. These are random words that are put together, along with numbers, symbols and upper case, lower case letters. For example YAY$uperCh33se4me29. For such pass phrases, think of a relatively long phrase what other people cannot guess.
- Be sure not to use personal information like your name, NRIC or date of birth.
(3) Password length & make
- The password you use should be at least 12 characters long. Longer passwords are more difficult for others to crack.
- By the make of the password, we refer to using numbers, uppercase, lowercase and symbols. Instead of using S, you can try using $; or 1 instead of L. You can also include & and % or @.
(4) Frequency of password update
- Update your passwords as often as you can (at least every 90 days). As administrators, we like to implement a 90-day forced password update. This means our users will have to change their passwords every 90 days AND they cannot reuse a password that they previously used.
(5) Password Manager
- If you really cannot remember your passwords, consider using a service like Lastpass.
(6) Two-Factor Authentication (2FA)
- Where possible/available, use 2FA to verify your identity.
- Google Authenticator is a very common way to verify your login. It is available on both Android and iOS platforms.
Check out the strong password checklist on the CSA website.
Find out more about securing your passwords at https://www.csa.gov.sg/gosafeonline/go-safe-for-me/homeinternetusers/secure-your-password
Stay safe online – Visit https://www.csa.gov.sg/gosafeonline for useful information about cyber security for yourself and your business.