How to create, check and store your passwords securely 

Share this post:

Safety is one of everyone's main concerns. Today, we have to deal with endless threats: malware, phishing, brute force attacks and much more. This is when it becomes important to take all the necessary preventive measures to ensure the company's critical information, processes and services.

Using strong passwords is an essential part of accessing information in our digital lives. However, there are still many people who are not using strong and secure passwords despite their potential risks. This is even more important considering the fact that there are currently many workers connecting remotely to corporate services and not taking basic security measures such as using strong passwords.

Let's consider the current work and business environment: dozens and hundreds of users working from different parts of the world, accessing corporate information all the time and from mobile devices, laptops or tablets that, in most cases, do not have the necessary measures. adequate basic protection. Using strong passwords is especially vital in those cases where users, regardless of where they are, must access critical company IT resources, where the impact to the business due to loss of data is high. There it is essential to have a strict policy for creating, changing and managing keys, accompanied by role-based access control to tighten information protection.

Even more delicate is the fact that many organizations have not yet adopted a culture of educating their users (employees, clients, suppliers, among others) on how to create secure and complex keys that make their discovery and the implementation of storage methods difficult. and reliable password management. 

Although this issue may seem trivial or the concern of each individual, it is worth remembering that, currently, corporate users are one of the main sources of access for cybercriminals to business networks and systems and, although having a An established password policy will not solve the problem of cyberattacks on its own, it will make access to critical information more difficult.

Why should you have strong passwords?

Passwords are the gateway to personal and corporate information. The people who use them to steal information can not only cause financial problems, but can damage the professional or personal reputation or even get the victim company penalized for not taking adequate measures to comply with the regulations regarding the protection of personal data. data. For this reason, it is important to have a good security tactic when it comes to passwords.

One of the most common password theft attacks is the brute force attack, which is a type of computer attack that consists of trying again and again, by using different combinations of letters, numbers and symbols, the name of username and password to enter your account. If your passwords are weak, anyone can access your personal information without problems. As mentioned above, having a complex password will not necessarily guarantee that you are protected against cyber attacks or computer security breaches, but it will contribute to making access difficult for unscrupulous people or organizations and, even more so, if you have a strategy in place. periodic change of it.

What is a strong password?

A strong password is one that has no relationship with personal life and the use of simple words/phrases. In addition, it contains a combination of symbols, numbers and letters to increase its complexity.

Other additional recommendations for establishing strong passwords are that they have a minimum length of 8 to 12 characters and that, if possible, they be phrases or combinations of words that are easy to remember, but difficult to guess.

How to check if a password is secure?

Do not use common words such as “password”, “123456” or “letmein”. The words most used by hackers are the same ones that people use to create their passwords. Avoid using the names of your pets or even your children as passwords.

This not only makes it easy to guess, but not hee will give no additional security. In addition to this, there are free tools like Have Yo been Pwned that heand help you find out if syour email has been filtered in some blacklist or has been compromised in somea theft of data to companies or websites. 

The same way, the manufacturer of cybersecurity solutions Kaspersky has made available a password checking tool known as Kaspersky Password Checker, which will allow you to check if your keys are secure enough and will also check if it has been leaked.

Additional security recommendations:

There are also other extra measures you can take to increase the protection of your passwords and make access to websites more secure: 

Change the Wi-Fi password

Another highly recommended practice but little executed by the common people and companies is to change the access key to the wireless network(s) periodically.

Considering that currently more and more cybercriminals are seeking to intervene in companies' Wi-Fi networks, especially those with public access such as cafes, restaurants, airports, shopping centers, among others, it is essential that, as a basic measure of protection of internal and customer data, network access passwords are imposed.

In the case of companies where public attention and the volume of visitors is much lower, it is equally important to establish passwords for secure access and, if possible, create a specific network segment for guests, which isolates critical information from the company.

In these cases, following the best practices for creating and managing passwords is essential, especially for the access credentials of network administrators since, if these are breached, the consequences could be catastrophic for integrity and security. of the information.

In the case of home Wi-Fi networks, it is necessary for the service owner to communicate with the contracted internet service provider (in the case of Colombia, they would be Claro, Tigo, Movistar, among others) through the customer service channels to indicate the procedure to follow to change the password. These processes may vary depending on the company providing the service, but it is very common that it can be done through a self-management portal created by the company.

In any case, whether for corporate or personal use, managing access keys to the Wi-Fi network is as important as passwords for email, banking portals, information systems, etc. Creating them with basic standards, storing them securely and changing them periodically are essential practices to guarantee the security of the information and avoid interference in navigation.

In short, with the advances in threats and the sophistication of computer attacks, it is increasingly necessary to take measures to protect yourself from possible risks. It simply won't be enough to change your password more often or put it in a place where no one will find it. It is necessary to start using good practices for security, not only your own but also that of all users in your company.

This also includes having a strict routine for establishing or updating access codes to Wi-Fi networks since they are a gateway to corporate information. If there are no strong passwords, the data will be exposed to possible theft, alterations, deletions or hijackings and, therefore, business continuity would be compromised.

It is also essential to remember that cybersecurity goes beyond merely establishing one or two periodic actions or implementing robust technological solutions that protect networks or systems. It is about proposing a complete strategy, with activities, action plans, roles and responsibilities that involve all areas of the organization, from operational to directive, since it is the only way to ensure that all aspects are covered and understand What could be the vulnerable links in the chain. 

The use, verification and storage of passwords is just one of the many steps that must be taken to strengthen the organizational cybersecurity strategy and it is key that it is always taken into account.

To learn more about how to protect your data, contact a specialized advisor:

Recommended Articles