News Feature | September 25, 2014

Why You Should Tell Your Customers To Change Their Passwords

By Rick Delgado, contributing writer

Password Security

Security problems have been making the headlines of every major news organization and website in the past few years. From the worries over the Heartbleed bug to Target’s costly breach, security is foremost on the mind of many people and businesses. The recent issue involving leaked nude celebrity photos taken from Apple’s iCloud has also brought a lot of focus on the problem. According to Apple, the photos were stolen when hackers got a hold of the celebrities’ usernames and passwords. Though it may seem simple, passwords represent a first line of defense against attackers. The difference between a good password and a bad one may be the difference between private information staying private and breaches that can cause embarrassment or much worse. In fact, according to a recent Trustwave security report, weak passwords were the most common method of intrusion in 2013. Having strong passwords is more important than ever. With that in mind, here are some suggestions you can make to your customers about enhancing their security by creating strong passwords.

Password Length And Content

The number of characters in a password matters. The general rule is the longer the password, the more secure is. A strong password should have at the least eight characters, with fourteen being the ideal length. As for what those characters are, the stranger and generally more random, the better. In other words, using the names of relatives, pets, universities, favorite colors, or really anything found in the dictionary would be a bad move. Common words are easy to crack, and personal information can be deciphered. Random letters (with some capitalization) are the way to go while also including numbers and symbols. A password around fourteen characters long with random numbers and symbols thrown in will be extremely difficult for attackers to break through while also increasing your overall network security.

Different Passwords

We use passwords for seemingly everything these days. Keeping track of all of them can be a chore, so many choose to use the same password for all their accounts, whether for email, social media, or banking. This strategy can be shortsighted; all it takes is for a hacker to determine one account password to gain access to everything else. Instead, you should vary up your passwords, using a different one for every account you have. In that way, hackers will have to discover each one if they want access to your personal information scattered across the Internet.

Remembering Passwords

If using random characters and multiple passwords wasn’t taxing enough, your customer is probably going to ask how to keep track of all of these hard-to-remember access keys. There are several tips to help manage passwords. The first is to use a core password that you memorize and simply add three letters to the end depending on what site you’re trying to access (AMA for Amazon, EBA for Ebay, etc.).  This helps keep a different password for each site while helping the user to remember everything. Your customer might prefer a password manager or vault — a program that keeps track of all of your passwords for you. A password manager is accessed through a single password, so all you need to worry about is memorizing the one and making sure it’s strong.

Password Changes

Even if you’ve found the perfect password to remember, keeping it for an extended period of time only increases the likelihood it will get cracked. You should advise your clients to change their password regularly. While the number of times to change it every year is debatable, generally it’s good advice to change your password every few months. In recent Lieberman Software security survey, while more than half of respondents said that they change the passwords used on the job quarterly, almost 10 percent said they never did it. To avoid greater security threats, changing all your passwords every few months is a good habit to have.

The breaches making headlines these days are just the latest in a long history of security threats, so the problems we’re seeing won’t go away anytime soon. Having a strong password can effectively frustrate hackers and heighten security. It’s a simple step to take that can go a long way towards staying safe while online.