The Three S's of Password Security
Updated: Aug 22, 2019
We might think it’s fictional, but many people still do count on “password123” to guard their information. Others write their passwords on a sticky note and attach it in plain view on their desks. While it might be hard to be sympathetic to these people when their security is breached, what about the others who do try to be conscientious?
Fortunately, there are some fairly easy means to develop more secure passwords, and there are some tech tools more reliable than our own memory to store them. Let’s explore the three S’s of password security.
Strength - Creating Passphrases
Just as we wouldn’t put tape on our front door to keep out burglars, we shouldn’t count on a weak password to keep out cyber thieves. A “passphrase” is actually much stronger than a simple "password.”
The best passphrases are those that are easy to remember so you never need to write them down.
For example, instead of using your birth date as your password, you might decide to use
"BornInDecember.” Using three or four words that don’t usually go together is even better. Choose a few of your favorite things and put them in a sequence you'll easily remember: "CarHorseChocolate".
You might also choose to add security layers such as multi-factor authentication. These require a bit more effort but are always worth it.
Storage - Password Management Software
At first it may seem like a good idea to have “Password Spreadsheets” to store the many passwords a company or busy individual uses. But these are extremely risky and have cost companies millions in data breaches.
A much better way to store passwords is to use a Password Manager such as Last Pass (paid) or KeeWeb (opensource free alternative). These password managers store all passwords within a vault that has a single “master passphrase” that users memorize. To assure security, the vault is encrypted and can be synced on the cloud as well for remote recovery.
Sending - Secure Transfer of Passwords
If you use a password manager, you can encrypt your password vault and send the vault file securely.
Many password managers like LastPass also allow users to send others a link to their email which will allow them to securely view a set of login credentials. Both the sender and receiver need to have LastPass to use this feature.
If you need assistance with password management or a review of your current procedures, just let us know. We’ll be happy to help you implement measures that safeguard your IT security and keep vital business information safe. Contact us today!