For most people, changing and keeping track of all their passwords doesn't rank high on their list of favorite things to do, but good password practices can help protect you from cyberattacks and contain the damage if a breach does occur. Here are six password best practices that are recommended for everybody to follow at work and at home:
1) Always use complex, random-looking passwords.
Use a seemingly random mix of uppercase letters, lowercase letters, numbers, and symbols — complex passwords are much more difficult for hackers to guess and programs to crack.
2) Use a different password for each account.
Don’t mix business with personal or internal with external. It’s especially important to have strong, unique passwords for your email accounts since other passwords can be reset with a link sent to your email.
3) Protect the secrecy of your passwords.
Don’t write them down, leave them where they are visible or accessible, or share them with anybody. Ever. Nobody – including your IT support – should ever have a legitimate need to ask for your password. If anybody does, independently verify that they are who they say they are (hang up and call back) and ensure your security department approves their request before you even think about actually sharing your password.
4) Change passwords as often as feasible.
This will limit how long a compromised password could be used to access your account.
5) Never use the “remember password” feature.
It may seem convenient in the short-term, but malware and hackers can steal passwords stored by your browsers and applications.
6) Use a password-management tool.
Programs like LastPass, KeePass and 1Password allow you to securely store your account IDs and hard-to-guess/remember passwords in an encrypted file with only one (complex!) master password for you to remember. Using one of these tools makes it really easy to adhere to all of these best practices.
1) “Use DMARC to Safeguard Your Brand (While Helping Fight Spam Too”
2) “How Do Spam Traps Work? Tips for Avoiding Your Worst Marketing Nightmare”
3) “Email Authentication: How SPF, DKIM and DMARC Separate the Wannabes from the Real Stuff”