Part 1 of our guide to improve employee IT Safety
Often people don’t realise there are common techniques and applications which can be used to crack passwords and gain access to vulnerable accounts.
IMEX has compiled the following tips to help protect your employees and your company from such activity.
Common Types of Attacks
Dictionary attacks: These password cracks rely on software that automatically plugs common words into password fields.
Cracking security questions: When you click the “forgot password” link within a webmail service or other site, you are prompted to answer security questions ie. Place of birth or first pet’s name. These answers can often be found on your social media profile.
Simple passwords: Common simple choices are “123456”, “111111,” “princess,” “qwerty,” and “abc123.”
Re-use of passwords across multiple sites: Re-using passwords for email, banking, and social media accounts can lead to identity theft.
Here’s our 10 tips for password security
- Make sure you use different passwords for each of your accounts. One way of achieving this is to have a master password, for example “MyPa55word“, then you could add the initials of each account to the end of your password. MyPa55word:FB (for Facebook).
- Do use at least eight characters of lowercase and uppercase letters, numbers, and symbols in your password. Remember, the more the merrier.
- Strong passwords can be easy to remember but you can also make them hard to guess. Iam:)2b21! — This has 10 characters and says “I am happy to be 21!”, if only…
- Check your password strength. If the site you are signing up for, offers a password strength analyser, pay attention to it and heed its advice.
- Protect your information by creating a secure password that makes sense to you, but not to others.
- Always lock or log off if you leave your device —it only takes a moment for someone to steal or change the password.
- Use comprehensive security software and keep it up to date to avoid keyloggers (keystroke loggers) and other malware.
- Avoid entering passwords on computers you don’t control (like computers at an Internet café or library)—they may have malware that steals your passwords.
- Avoid entering passwords when using unsecured Wi-Fi connections (like at the airport or coffee shop)—hackers can intercept your passwords and data over this unsecured connection.
- Depending on the sensitivity of the information being protected, you should change your passwords periodically, and avoid re-using a password for at least one year.
The rule of thumb is to change your passwords frequently, every six months.