In this digital age, passwords are the keys to our online world. Whether it’s for logging into your work computer, managing your finances, or simply binge-watching on Netflix, they’re indispensable. But let’s be honest, there’s often a collective sigh when we’re tasked with conjuring a new password for yet another app. Too often, we resort to recycling the same old favourites or slight variations of them. However, the importance of maintaining strong password practices cannot be overstated. They are there to protect us against unauthorised access to our personal and business accounts. Remember, if a hacker manages to crack just one password, they could potentially unlock a treasure trove of sensitive information.
Occasionally, passwords might fall into the wrong hands through rather careless means – sticky notes left on computer screens, ‘engineers’ phoning up and asking for passwords over the phone, or inadvertently divulging personal details that could lead straight to your passwords.
So, what can you do to help yourself?
We have consulted our IT partner, Cloud Shepherd, on what advice they could give when creating a new, strong password:
- Use a passphrase: Construct a sequence of words or a memorable sentence that resonates with you personally.
- Incorporate personal touches: Customise your password with details unique to your life, ensuring that it remains meaningful and memorable only to you.
- Employ mnemonic devices: Create passwords using the first letters of each word in a phrase or song lyric you enjoy.
- Add complexity subtly: Heighten the security of your password by introducing subtle variations, such as substituting letters with numbers or symbols.
- Use a password manager: Password management tools not only generate robust passwords, but also securely store them, alleviating the burden of memorisation.
Some tips for extra protection
- It’s crucial that you don’t reuse the same password across multiple sites. In the unfortunate event of a security breach, utilising the same password across multiple accounts could expose them all.
- Ensure each account has a unique password and regularly update them to bolster security measures.
- Under no circumstances should you divulge your password, except in situations where it’s absolutely necessary. In such cases, it’s essential to exchange your password in person to mitigate the risk of interception or misuse, and only to a trusted system administrator.
- Be mindful of potential threats like ‘shoulder surfing’, where individuals may attempt to observe you entering your passwords.
- For an added layer of security, consider implementing 2FA (two-factor authentication). This means that if the primary password is compromised, unauthorised access is still prevented as an additional authentication code is required to get into the account.
What can you do as a business?
Ensuring effective password management is just the tip of the iceberg. By implementing ISO 27001 you can protect your organisation against a myriad of security threats, be they internal, external, deliberate, or accidental. It shows your dedication to shielding your IT infrastructure and valuable data.
ISO 27001 mandates a thorough evaluation of risks posed by people, processes, systems, and external factors. This not only instils peace of mind in potential clients, assuring them of the security of their confidential data, but also underscores your team’s competency, and your proactive approach to risk management and regulatory compliance.
For more information on how an ISO certification can help you with processes and information security please visit THIS page or call us on 0330 058 551.